Merge pull request #1418 from alex/fix-ec-complains

Fixes #1416 -- replaced assertions with error checking in EC key from numbers.
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-10-19 22:19:35 -0700
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-10-19 22:19:35 -0700
commit: 9c2cdcd5e9a62ed97f6d1282d613e52f3db26ee8 (patch)
tree: 1219218d212b309029dae2f55e0164c657024a29
parent: f63ace86e4665c3413d905ec546ce6ef5b4e6bbb (diff)
parent: b796621b2888f8573bfd42ed895c03667e3d5cb8 (diff)
download: cryptography-9c2cdcd5e9a62ed97f6d1282d613e52f3db26ee8.tar.gz
cryptography-9c2cdcd5e9a62ed97f6d1282d613e52f3db26ee8.tar.bz2
cryptography-9c2cdcd5e9a62ed97f6d1282d613e52f3db26ee8.zip
2 files changed, 27 insertions, 0 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index 567f1648..bb1a3f3d 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -984,6 +984,11 @@ class Backend(object):
         values.
         """
 
+        if x < 0 or y < 0:
+            raise ValueError(
+                "Invalid EC key. Both x and y must be non-negative."
+            )
+
         bn_x = self._int_to_bn(x)
         bn_y = self._int_to_bn(y)
 
diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index 887520de..1b3bb9b3 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -274,6 +274,28 @@ class TestECDSAVectors(object):
         with pytest.raises(ValueError):
             numbers.private_key(backend)
 
+        numbers = ec.EllipticCurvePrivateNumbers(
+            357646505660320080863666618182642070958081774038609089496899025506,
+            ec.EllipticCurvePublicNumbers(
+                -4725080841032702313157360200834589492768638177232556118553296,
+                1120253292479243545483756778742719537373113335231773536789915,
+                ec.SECP256R1(),
+            )
+        )
+        with pytest.raises(ValueError):
+            numbers.private_key(backend)
+
+        numbers = ec.EllipticCurvePrivateNumbers(
+            357646505660320080863666618182642070958081774038609089496899025506,
+            ec.EllipticCurvePublicNumbers(
+                47250808410327023131573602008345894927686381772325561185532964,
+                -1120253292479243545483756778742719537373113335231773536789915,
+                ec.SECP256R1(),
+            )
+        )
+        with pytest.raises(ValueError):
+            numbers.private_key(backend)
+
     @pytest.mark.parametrize(
         "vector",
         load_vectors_from_file(
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-10-19 22:19:35 -0700
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-10-19 22:19:35 -0700
commit	9c2cdcd5e9a62ed97f6d1282d613e52f3db26ee8 (patch)
tree	1219218d212b309029dae2f55e0164c657024a29
parent	f63ace86e4665c3413d905ec546ce6ef5b4e6bbb (diff)
parent	b796621b2888f8573bfd42ed895c03667e3d5cb8 (diff)
download	cryptography-9c2cdcd5e9a62ed97f6d1282d613e52f3db26ee8.tar.gz cryptography-9c2cdcd5e9a62ed97f6d1282d613e52f3db26ee8.tar.bz2 cryptography-9c2cdcd5e9a62ed97f6d1282d613e52f3db26ee8.zip