Check Curve25519 public key after generating one to avoid generating invalid keys.

Thanks to Kr0emer for the report.
2026-01-27 05:42:19 +01:00 · 2025-12-15 16:30:43 -07:00
parent 52ee00132d
commit 36eda9fb75
1 changed files with 5 additions and 0 deletions
--- a/wolfcrypt/src/curve25519.c
+++ b/wolfcrypt/src/curve25519.c
@@ -433,6 +433,11 @@ int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
        ret = wc_curve25519_make_pub((int)sizeof(key->p.point), key->p.point,
                                     (int)sizeof(key->k), key->k);
 #endif
+        if (ret == 0) {
+            ret = wc_curve25519_check_public(key->p.point,
+                                       (word32)sizeof(key->p.point),
+                                      EC25519_LITTLE_ENDIAN);
+        }
        key->pubSet = (ret == 0);
    }
 #endif