From a7743db86d912f8910248258b71583da281a5f6e Mon Sep 17 00:00:00 2001
From: Nikita Skovoroda <chalkerx@gmail.com>
Date: Fri, 18 Oct 2024 09:15:31 +0300
Subject: [PATCH] Merge commit from fork

---
 lib/elliptic.js   | 4 ++++
 test/publickey.js | 6 ++++++
 2 files changed, 10 insertions(+)

diff --git a/lib/elliptic.js b/lib/elliptic.js
index bd48ec1..d70cf8f 100644
--- a/lib/elliptic.js
+++ b/lib/elliptic.js
@@ -18,6 +18,10 @@ function loadCompressedPublicKey (first, xbuf) {
   let y = x.redSqr().redIMul(x).redIAdd(ecparams.b).redSqrt()
   if ((first === 0x03) !== y.isOdd()) y = y.redNeg()
 
+  // x*x*x + b = y*y
+  const x3 = x.redSqr().redIMul(x)
+  if (!y.redSqr().redISub(x3.redIAdd(ecparams.b)).isZero()) return null
+
   return ec.keyPair({ pub: { x: x, y: y } })
 }
 
diff --git a/test/publickey.js b/test/publickey.js
index e8f3cec..aeb4428 100644
--- a/test/publickey.js
+++ b/test/publickey.js
@@ -32,6 +32,12 @@ module.exports = (t, secp256k1) => {
       invalidLength[0] = publicKey.compressed[0]
       t.false(secp256k1.publicKeyVerify(invalidLength), 'invalid length')
 
+      const zeroUncompressed = Buffer.concat([Buffer.from([0x04]), Buffer.alloc(64)])
+      t.false(secp256k1.publicKeyVerify(zeroUncompressed), 'zero uncompressed')
+
+      const zeroCompressed = Buffer.concat([Buffer.from([0x02]), Buffer.alloc(32)])
+      t.false(secp256k1.publicKeyVerify(zeroCompressed), 'zero compressed')
+
       t.end()
     })