diff --git a/crypto/crypto.go b/crypto/crypto.go index fd4dde69e..4f61c9aba 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -179,6 +179,9 @@ func UnmarshalPubkey(pub []byte) (*ecdsa.PublicKey, error) { if x == nil { return nil, errInvalidPubkey } + if !S256().IsOnCurve(x, y) { + return nil, errInvalidPubkey + } return &ecdsa.PublicKey{Curve: S256(), X: x, Y: y}, nil }