@@ -2289,16 +2289,29 @@ EC.prototype.sign = function sign(msg, key, enc, options) {
22892289 if ( ! options )
22902290 options = { } ;
22912291
2292+ if ( typeof msg !== 'string' && typeof msg !== 'number' && ! BN . isBN ( msg ) ) {
2293+ assert ( typeof msg === 'object' && msg && typeof msg . length === 'number' ,
2294+ 'Expected message to be an array-like, a hex string, or a BN instance' ) ;
2295+ assert ( ( msg . length >>> 0 ) === msg . length ) ; // non-negative 32-bit integer
2296+ for ( var i = 0 ; i < msg . length ; i ++ ) assert ( ( msg [ i ] & 255 ) === msg [ i ] ) ;
2297+ }
2298+
22922299 key = this . keyFromPrivate ( key , enc ) ;
22932300 msg = this . _truncateToN ( msg , false , options . msgBitLength ) ;
22942301
2302+ // Would fail further checks, but let's make the error message clear
2303+ assert ( ! msg . isNeg ( ) , 'Can not sign a negative message' ) ;
2304+
22952305 // Zero-extend key to provide enough entropy
22962306 var bytes = this . n . byteLength ( ) ;
22972307 var bkey = key . getPrivate ( ) . toArray ( 'be' , bytes ) ;
22982308
22992309 // Zero-extend nonce to have the same byte size as N
23002310 var nonce = msg . toArray ( 'be' , bytes ) ;
23012311
2312+ // Recheck nonce to be bijective to msg
2313+ assert ( ( new BN ( nonce ) ) . eq ( msg ) , 'Can not sign message' ) ;
2314+
23022315 // Instantiate Hmac_DRBG
23032316 var drbg = new HmacDRBG ( {
23042317 hash : this . hash ,
@@ -8889,7 +8902,7 @@ utils.encode = function encode(arr, enc) {
88898902} , { } ] , 35 :[ function ( require , module , exports ) {
88908903module . exports = {
88918904 "name" : "elliptic" ,
8892- "version" : "6.6.0 " ,
8905+ "version" : "6.6.1 " ,
88938906 "description" : "EC cryptography" ,
88948907 "main" : "lib/elliptic.js" ,
88958908 "files" : [
0 commit comments