diff -Nru opencryptoki-3.15.1+dfsg/debian/changelog opencryptoki-3.15.1+dfsg/debian/changelog
--- opencryptoki-3.15.1+dfsg/debian/changelog	2021-02-23 01:48:12.000000000 +0100
+++ opencryptoki-3.15.1+dfsg/debian/changelog	2021-07-29 10:22:13.000000000 +0200
@@ -1,3 +1,12 @@
+opencryptoki (3.15.1+dfsg-0ubuntu1.1) hirsute; urgency=medium
+
+  * d/p/lp1928780-Add-missing-return-codes.patch: Partial cherry-pick of
+    master as a prerequisite for the following fix.
+  * d/p/lp1928780-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch:
+    Cherry-picked to add checks preventing Invalid Curve attacks (LP: #1928780)
+
+ -- Simon Chopin <simon.chopin@canonical.com>  Thu, 29 Jul 2021 10:22:13 +0200
+
 opencryptoki (3.15.1+dfsg-0ubuntu1) hirsute; urgency=medium
 
   * New upstream release LP: #1906369.
diff -Nru opencryptoki-3.15.1+dfsg/debian/patches/lp1928780-Add-missing-return-codes.patch opencryptoki-3.15.1+dfsg/debian/patches/lp1928780-Add-missing-return-codes.patch
--- opencryptoki-3.15.1+dfsg/debian/patches/lp1928780-Add-missing-return-codes.patch	1970-01-01 01:00:00.000000000 +0100
+++ opencryptoki-3.15.1+dfsg/debian/patches/lp1928780-Add-missing-return-codes.patch	2021-07-29 10:22:13.000000000 +0200
@@ -0,0 +1,59 @@
+From 950de57292f10d03aa29676d6f8dd0669ce2a3b0 Mon Sep 17 00:00:00 2001
+From: Ingo Franzki <ifranzki@linux.ibm.com>
+Date: Wed, 21 Oct 2020 10:24:15 +0200
+Subject: [PATCH] Add missing return codes
+
+Update pkcs11types.h to define all return codes specified by
+PKCS#11.
+
+Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
+
+(Reduced to only CKR_PUBLIC_KEY_INVALID to limit potential breakage in
+backport)
+---
+ usr/include/pkcs11types.h  | 10 ++++++++++
+ 4 files changed, 46 insertions(+), 1 deletion(-)
+
+--- a/usr/include/pkcs11types.h
++++ b/usr/include/pkcs11types.h
+@@ -1092,6 +1092,8 @@
+ #define CKR_MUTEX_BAD                         0x000001A0
+ #define CKR_MUTEX_NOT_LOCKED                  0x000001A1
+ 
++#define CKR_PUBLIC_KEY_INVALID                0x000001B9
++
+ /* CKR_FUNCTION_REJECTED is new for v2.20 */
+ #define CKR_FUNCTION_REJECTED                 0x00000200
+ 
+--- a/usr/lib/common/p11util.c
++++ b/usr/lib/common/p11util.c
+@@ -108,6 +108,7 @@
+         _sym2str(CKR_MUTEX_BAD);
+         _sym2str(CKR_MUTEX_NOT_LOCKED);
+         _sym2str(CKR_FUNCTION_REJECTED);
++        _sym2str(CKR_PUBLIC_KEY_INVALID);
+     default:
+         return "UNKNOWN";
+     }
+--- a/usr/sbin/pkcscca/pkcscca.c
++++ b/usr/sbin/pkcscca/pkcscca.c
+@@ -2500,6 +2500,8 @@
+         return "CKR_MUTEX_BAD";
+     case CKR_MUTEX_NOT_LOCKED:
+         return "CKR_MUTEX_NOT_LOCKED";
++    case CKR_PUBLIC_KEY_INVALID:
++        return "CKR_PUBLIC_KEY_INVALID";
+     default:
+         return "UNKNOWN";
+     }
+--- a/usr/sbin/pkcsslotd/err.c
++++ b/usr/sbin/pkcsslotd/err.c
+@@ -300,7 +300,7 @@
+     CONSTINFO(CKR_MUTEX_NOT_LOCKED),
+     CONSTINFO(CKR_FUNCTION_REJECTED),
+     CONSTINFO(CKR_VENDOR_DEFINED),
+-
++    CONSTINFO(CKR_PUBLIC_KEY_INVALID),
+ };
+ 
+ 
diff -Nru opencryptoki-3.15.1+dfsg/debian/patches/lp1928780-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch opencryptoki-3.15.1+dfsg/debian/patches/lp1928780-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch
--- opencryptoki-3.15.1+dfsg/debian/patches/lp1928780-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch	1970-01-01 01:00:00.000000000 +0100
+++ opencryptoki-3.15.1+dfsg/debian/patches/lp1928780-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch	2021-07-29 10:22:13.000000000 +0200
@@ -0,0 +1,47 @@
+From 4e3b43c3d8844402c04a66b55c6c940f965109f0 Mon Sep 17 00:00:00 2001
+From: Ingo Franzki <ifranzki@linux.ibm.com>
+Date: Mon, 3 May 2021 10:05:07 +0200
+Subject: [PATCH] SOFT: Check the EC Key on C_CreateObject and C_DeriveKey
+
+When constructing an OpenSSL EC public or private key from PKCS#11
+attributes or ECDH public data, check that the key is valid, i.e. that
+the point is on the curve.
+
+This prevents one from creating an EC key object via C_CreateObject with
+invalid key data. It also prevents C_DeriveKey to derive a secret using
+ECDH with an EC public key (public data) that uses a different curve
+or is invalid by other means.
+
+Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
+---
+ usr/lib/soft_stdll/soft_specific.c | 12 ++++++++++++
+ 1 file changed, 12 insertions(+)
+
+--- a/usr/lib/soft_stdll/soft_specific.c
++++ b/usr/lib/soft_stdll/soft_specific.c
+@@ -4317,6 +4317,12 @@
+ 
+     rc = CKR_OK;
+ 
++    if (!EC_KEY_check_key(ec_key)) {
++        TRACE_ERROR("EC_KEY_check_key failed\n");
++        rc = CKR_PUBLIC_KEY_INVALID;
++        goto out;
++    }
++
+ out:
+     if (rc != CKR_OK) {
+         if (ec_key != NULL)
+@@ -4415,6 +4421,12 @@
+ 
+     rc = CKR_OK;
+ 
++    if (!EC_KEY_check_key(ec_key)) {
++        TRACE_ERROR("EC_KEY_check_key failed\n");
++        rc = CKR_FUNCTION_FAILED;
++        goto out;
++    }
++
+ out:
+     if (ctx)
+         BN_CTX_free(ctx);
diff -Nru opencryptoki-3.15.1+dfsg/debian/patches/series opencryptoki-3.15.1+dfsg/debian/patches/series
--- opencryptoki-3.15.1+dfsg/debian/patches/series	2021-02-23 01:48:12.000000000 +0100
+++ opencryptoki-3.15.1+dfsg/debian/patches/series	2021-07-29 10:22:13.000000000 +0200
@@ -7,3 +7,6 @@
 2d16f003911ceee50967546f4b3c7cac2db9ba86.patch
 f1f176cbb4183bcb8a0f7b4d7f649d84a731dd43.patch
 1e98001ff63cd7e75d95b4ea0d3d2a69965d8890.patch
+
+lp1928780-Add-missing-return-codes.patch
+lp1928780-SOFT-Check-the-EC-Key-on-C_CreateObject-and-C_Derive.patch