From 1a32bdf92cceb7a42e5636e12d95609e17b8f786 Mon Sep 17 00:00:00 2001
From: Felix Lange <fjl@users.noreply.github.com>
Date: Mon, 11 Dec 2017 22:49:09 +0100
Subject: [PATCH] crypto: fix error check in toECDSA (#15632)

With this change,

    key, err := crypto.HexToECDSA("000000...")

returns nil key and an error instead of a non-nil key with nil X
and Y inside. Issue found by @guidovranken.
---
 crypto/crypto.go      | 3 +++
 crypto/crypto_test.go | 9 +++++++++
 2 files changed, 12 insertions(+)

diff --git a/crypto/crypto.go b/crypto/crypto.go
index 8161769d3d..3a98bfb503 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -98,6 +98,9 @@ func toECDSA(d []byte, strict bool) (*ecdsa.PrivateKey, error) {
 	}
 	priv.D = new(big.Int).SetBytes(d)
 	priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(d)
+	if priv.PublicKey.X == nil {
+		return nil, errors.New("invalid private key")
+	}
 	return priv, nil
 }
 
diff --git a/crypto/crypto_test.go b/crypto/crypto_test.go
index b4c441e5f7..8350354623 100644
--- a/crypto/crypto_test.go
+++ b/crypto/crypto_test.go
@@ -40,6 +40,15 @@ func TestKeccak256Hash(t *testing.T) {
 	checkhash(t, "Sha3-256-array", func(in []byte) []byte { h := Keccak256Hash(in); return h[:] }, msg, exp)
 }
 
+func TestToECDSAErrors(t *testing.T) {
+	if _, err := HexToECDSA("0000000000000000000000000000000000000000000000000000000000000000"); err == nil {
+		t.Fatal("HexToECDSA should've returned error")
+	}
+	if _, err := HexToECDSA("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"); err == nil {
+		t.Fatal("HexToECDSA should've returned error")
+	}
+}
+
 func BenchmarkSha3(b *testing.B) {
 	a := []byte("hello world")
 	for i := 0; i < b.N; i++ {