From b7a9853afdd186a26b5eeec8d4d249497c54aa58 Mon Sep 17 00:00:00 2001
From: minosgalanakis <30719586+minosgalanakis@users.noreply.github.com>
Date: Thu, 22 Aug 2024 13:22:26 +0100
Subject: [PATCH] Update tf-psa-crypto/drivers/builtin/src/ecp.c

Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: minosgalanakis <30719586+minosgalanakis@users.noreply.github.com>
---
 library/ecp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/ecp.c b/library/ecp.c
index 427059bb53..fdd00a59c5 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -3056,7 +3056,7 @@ int mbedtls_ecp_check_privkey(const mbedtls_ecp_group *grp,
         /* see RFC 7748 sec. 5 para. 5 */
         if (mbedtls_mpi_get_bit(d, 0) != 0 ||
             mbedtls_mpi_get_bit(d, 1) != 0 ||
-            mbedtls_mpi_bitlen(d) - 1 != grp->nbits) {  /* mbedtls_mpi_bitlen is one-based! */
+            mbedtls_mpi_bitlen(d) != grp->nbits + 1) {  /* mbedtls_mpi_bitlen is one-based! */
             return MBEDTLS_ERR_ECP_INVALID_KEY;
         }