Catch Invalid X or Y points and raise a ValueError

Signed-off-by: Simo Sorce <simo@redhat.com>
author: Simo Sorce <simo@redhat.com> 2015-10-10 15:42:17 -0400
committer: Simo Sorce <simo@redhat.com> 2015-10-12 20:52:17 -0400
commit: 00f94097219d14036d7172994e54dc6a6d2fa8f3 (patch)
tree: 33c29febc0f2bd95e4a2c25eb3748927126c4e9d /src
parent: 0eafd9cd32a69909bd7bab955459925f54bd7278 (diff)
download: cryptography-00f94097219d14036d7172994e54dc6a6d2fa8f3.tar.gz
cryptography-00f94097219d14036d7172994e54dc6a6d2fa8f3.tar.bz2
cryptography-00f94097219d14036d7172994e54dc6a6d2fa8f3.zip
1 files changed, 6 insertions, 2 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index ac025e95..0d3b3dd4 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -1776,9 +1776,13 @@ class Backend(object):
             self.openssl_assert(res == 1)
 
             res = self._lib.BN_cmp(bn_x, check_x)
-            self.openssl_assert(res == 0)
+            if res != 0:
+                self._consume_errors()
+                raise ValueError("Invalid EC Key X point.")
             res = self._lib.BN_cmp(bn_y, check_y)
-            self.openssl_assert(res == 0)
+            if res != 0:
+                self._consume_errors()
+                raise ValueError("Invalid EC Key Y point.")
 
         res = self._lib.EC_KEY_set_public_key(ctx, point)
         self.openssl_assert(res == 1)
author	Simo Sorce <simo@redhat.com>	2015-10-10 15:42:17 -0400
committer	Simo Sorce <simo@redhat.com>	2015-10-12 20:52:17 -0400
commit	00f94097219d14036d7172994e54dc6a6d2fa8f3 (patch)
tree	33c29febc0f2bd95e4a2c25eb3748927126c4e9d /src
parent	0eafd9cd32a69909bd7bab955459925f54bd7278 (diff)
download	cryptography-00f94097219d14036d7172994e54dc6a6d2fa8f3.tar.gz cryptography-00f94097219d14036d7172994e54dc6a6d2fa8f3.tar.bz2 cryptography-00f94097219d14036d7172994e54dc6a6d2fa8f3.zip