diff options
-rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/ec.py | 3 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_ec.py | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/primitives/asymmetric/ec.py b/src/cryptography/hazmat/primitives/asymmetric/ec.py index 023a2d15..a527387b 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/ec.py +++ b/src/cryptography/hazmat/primitives/asymmetric/ec.py @@ -257,6 +257,9 @@ def derive_private_key(private_value, curve, backend): if not isinstance(private_value, six.integer_types): raise TypeError("private_value must be an integer type.") + if private_value <= 0: + raise ValueError("private_value must be a positive integer.") + if not isinstance(curve, EllipticCurve): raise TypeError("curve must provide the EllipticCurve interface.") diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index d2b570dd..7127071f 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -125,6 +125,9 @@ def test_derive_private_key_errors(backend): with pytest.raises(TypeError): ec.derive_private_key(10, 'five', backend) + with pytest.raises(ValueError): + ec.derive_private_key(-7, curve, backend) + def test_ec_numbers(): numbers = ec.EllipticCurvePrivateNumbers( |