From c2be5dbe2b2b23e4b0b1d2bd0b858e149a21cb70 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Sat, 6 Feb 2021 01:54:25 +0700
Subject: [PATCH] check prime is prime with ecc compressed keys

---
 wolfcrypt/src/ecc.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 66bb3eef9..4ee4dd12f 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -6931,6 +6931,14 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx,
                     (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF |
                         ECC_CURVE_FIELD_BF));
 
+            /* validate prime is prime */
+            if (err == MP_OKAY) {
+                int isPrime = MP_NO;
+                err = mp_prime_is_prime(curve->prime, 8, &isPrime);
+                if (err == MP_OKAY && isPrime == MP_NO)
+                    err = MP_VAL;
+            }
+
             /* compute x^3 */
             if (err == MP_OKAY)
                 err = mp_sqr(point->x, &t1);
@@ -7828,6 +7836,14 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
                 (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF |
                  ECC_CURVE_FIELD_BF));
 
+        /* validate prime is prime */
+        if (err == MP_OKAY) {
+            int isPrime = MP_NO;
+            err = mp_prime_is_prime(curve->prime, 8, &isPrime);
+            if (err == MP_OKAY && isPrime == MP_NO)
+                err = MP_VAL;
+        }
+
         /* compute x^3 */
         if (err == MP_OKAY)
             err = mp_sqr(key->pubkey.x, &t1);