Public_key: fix check for x and y size

the x and y needs to be on curve, so they need to be smaller than the
curve's prime, not the base point order

See Section 3.2.2.1 of SEC 1 v2

Author: tomato42

src/ecdsa/ecdsa.py

@@ -112,7 +112,7 @@ def __init__(self, generator, point, verify=True):
     """
     Low level ECDSA public key object.
 
-    :param generator: the Point that generates the group
+    :param generator: the Point that generates the group (the base point)
     :param point: the Point that defines the public key
     :param bool verify: if True check if point is valid point on curve
 
@@ -124,8 +124,9 @@ def __init__(self, generator, point, verify=True):
     self.generator = generator
     self.point = point
     n = generator.order()
-    if point.x() < 0 or n <= point.x() or point.y() < 0 or n <= point.y():
-      raise InvalidPointError("Generator point has x or y out of range.")
+    p = self.curve.p()
+    if not (0 <= point.x() < p) or not (0 <= point.y() < p):
+      raise InvalidPointError("The public point has x or y out of range.")
     if verify and not self.curve.contains_point(point.x(), point.y()):
         raise InvalidPointError("Point does not lie on the curve")
     if not n:
@@ -266,7 +267,8 @@ def point_is_valid(generator, x, y):
 
   n = generator.order()
   curve = generator.curve()
-  if x < 0 or n <= x or y < 0 or n <= y:
+  p = curve.p()
+  if not (0 <= x < p) or not (0 <= y < p):
     return False
   if not curve.contains_point(x, y):
     return False

src/ecdsa/test_pyecdsa.py

@@ -621,7 +621,7 @@ def test_decoding_with_point_at_infinity(self):
             VerifyingKey.from_string(b('\x00'))
 
     def test_not_lying_on_curve(self):
-        enc = number_to_string(NIST192p.order, NIST192p.order+1)
+        enc = number_to_string(NIST192p.curve.p(), NIST192p.curve.p()+1)
 
         with self.assertRaises(MalformedPointError):
             VerifyingKey.from_string(b('\x02') + enc)