crypto: ecc - check for invalid values in the key verification test

		out[i] = __swab64(in[ndigits - 1 - i]);

}

int ecc_is_key_valid(unsigned int curve_id, unsigned int ndigits,

		     const u64 *private_key, unsigned int private_key_len)

static int __ecc_is_key_valid(const struct ecc_curve *curve,

			      const u64 *private_key, unsigned int ndigits)

{

	int nbytes;

	const struct ecc_curve *curve = ecc_get_curve(curve_id);

	u64 one[ECC_MAX_DIGITS] = { 1, };

	u64 res[ECC_MAX_DIGITS];

	if (!private_key)

		return -EINVAL;

	nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT;

	if (private_key_len != nbytes)

	if (curve->g.ndigits != ndigits)

		return -EINVAL;

	if (vli_is_zero(private_key, ndigits))

	/* Make sure the private key is in the range [2, n-3]. */

	if (vli_cmp(one, private_key, ndigits) != -1)

		return -EINVAL;

	/* Make sure the private key is in the range [1, n-1]. */

	if (vli_cmp(curve->n, private_key, ndigits) != 1)

	vli_sub(res, curve->n, one, ndigits);

	vli_sub(res, res, one, ndigits);

	if (vli_cmp(res, private_key, ndigits) != 1)

		return -EINVAL;

	return 0;

}

int ecc_is_key_valid(unsigned int curve_id, unsigned int ndigits,

		     const u64 *private_key, unsigned int private_key_len)

{

	int nbytes;

	const struct ecc_curve *curve = ecc_get_curve(curve_id);

	nbytes = ndigits << ECC_DIGITS_TO_BYTES_SHIFT;

	if (private_key_len != nbytes)

		return -EINVAL;

	return __ecc_is_key_valid(curve, private_key, ndigits);

}

/*

 * ECC private keys are generated using the method of extra random bits,

 * equivalent to that described in FIPS 186-4, Appendix B.4.1.

	if (err)

		return err;

	if (vli_is_zero(priv, ndigits))

		return -EINVAL;

	/* Make sure the private key is in the range [1, n-1]. */

	if (vli_cmp(curve->n, priv, ndigits) != 1)

	/* Make sure the private key is in the valid range. */

	if (__ecc_is_key_valid(curve, priv, ndigits))

		return -EINVAL;

	ecc_swap_digits(priv, privkey, ndigits);