50 lines
1.4 KiB
Diff
50 lines
1.4 KiB
Diff
From 5dc91f44a90b72f5c0a79ab9a19d0f2fa0bbac1f Mon Sep 17 00:00:00 2001
|
|
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
|
|
Date: Mon, 6 Apr 2020 10:41:36 +0200
|
|
Subject: [PATCH 010/217] Fix the error handling in EC_POINTs_mul
|
|
|
|
This was pointed out by a false-positive
|
|
-fsanitizer warning ;-)
|
|
|
|
However from the cryptographical POV the
|
|
code is wrong:
|
|
A point R^0 on the wrong curve
|
|
is infinity on the wrong curve.
|
|
|
|
[extended tests]
|
|
|
|
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
|
|
(Merged from https://github.com/openssl/openssl/pull/11475)
|
|
|
|
(cherry picked from commit 1eb9b54af7e00fa12196411964ce742ea8677766)
|
|
---
|
|
crypto/ec/ec_lib.c | 8 ++++----
|
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
|
|
index 3554ada..22b00e2 100644
|
|
--- a/crypto/ec/ec_lib.c
|
|
+++ b/crypto/ec/ec_lib.c
|
|
@@ -1007,14 +1007,14 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
|
size_t i = 0;
|
|
BN_CTX *new_ctx = NULL;
|
|
|
|
- if ((scalar == NULL) && (num == 0)) {
|
|
- return EC_POINT_set_to_infinity(group, r);
|
|
- }
|
|
-
|
|
if (!ec_point_is_compat(r, group)) {
|
|
ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
|
|
return 0;
|
|
}
|
|
+
|
|
+ if (scalar == NULL && num == 0)
|
|
+ return EC_POINT_set_to_infinity(group, r);
|
|
+
|
|
for (i = 0; i < num; i++) {
|
|
if (!ec_point_is_compat(points[i], group)) {
|
|
ECerr(EC_F_EC_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
|
|
--
|
|
1.8.3.1
|
|
|