ECKey: Check that constructed private key doesn't exceed 32 bytes.

core/src/main/java/org/bitcoinj/core/ECKey.java

@@ -185,18 +185,18 @@ public class ECKey implements EncryptableItem {
     }
 
     protected ECKey(@Nullable BigInteger priv, ECPoint pub) {
+        this(priv, new LazyECPoint(checkNotNull(pub)));
+    }
+
+    protected ECKey(@Nullable BigInteger priv, LazyECPoint pub) {
         if (priv != null) {
+            checkArgument(priv.bitLength() <= 32 * 8, "private key exceeds 32 bytes: {} bits", priv.bitLength());
             // Try and catch buggy callers or bad key imports, etc. Zero and one are special because these are often
             // used as sentinel values and because scripting languages have a habit of auto-casting true and false to
             // 1 and 0 or vice-versa. Type confusion bugs could therefore result in private keys with these values.
             checkArgument(!priv.equals(BigInteger.ZERO));
             checkArgument(!priv.equals(BigInteger.ONE));
         }
-        this.priv = priv;
-        this.pub = new LazyECPoint(checkNotNull(pub));
-    }
-
-    protected ECKey(@Nullable BigInteger priv, LazyECPoint pub) {
         this.priv = priv;
         this.pub = checkNotNull(pub);
     }

core/src/test/java/org/bitcoinj/core/ECKeyTest.java

@@ -464,4 +464,11 @@ public class ECKeyTest {
         assertEquals(pubKey1, pubKey2);
         assertEquals(pubKey1.hashCode(), pubKey2.hashCode());
     }
+
+    @Test(expected = IllegalArgumentException.class)
+    public void fromPrivate_exceedsSize() {
+        final byte[] bytes = new byte[33];
+        bytes[0] = 42;
+        ECKey.fromPrivate(bytes);
+    }
 }