-/* crypto/ec/ec_check.c */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
#include <openssl/err.h>
int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
- {
- int ret = 0;
- BIGNUM *order;
- BN_CTX *new_ctx = NULL;
- EC_POINT *point = NULL;
+{
+ int ret = 0;
+ const BIGNUM *order;
+ BN_CTX *new_ctx = NULL;
+ EC_POINT *point = NULL;
- if (ctx == NULL)
- {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- {
- ECerr(EC_F_EC_GROUP_CHECK, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- BN_CTX_start(ctx);
- if ((order = BN_CTX_get(ctx)) == NULL) goto err;
+ /* Custom curves assumed to be correct */
+ if ((group->meth->flags & EC_FLAGS_CUSTOM_CURVE) != 0)
+ return 1;
- /* check the discriminant */
- if (!EC_GROUP_check_discriminant(group, ctx))
- {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_DISCRIMINANT_IS_ZERO);
- goto err;
- }
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL) {
+ ECerr(EC_F_EC_GROUP_CHECK, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ BN_CTX_start(ctx);
+ if ((order = BN_CTX_get(ctx)) == NULL)
+ goto err;
- /* check the generator */
- if (group->generator == NULL)
- {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
- goto err;
- }
- if (!EC_POINT_is_on_curve(group, group->generator, ctx))
- {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
+ /* check the discriminant */
+ if (!EC_GROUP_check_discriminant(group, ctx)) {
+ ECerr(EC_F_EC_GROUP_CHECK, EC_R_DISCRIMINANT_IS_ZERO);
+ goto err;
+ }
- /* check the order of the generator */
- if ((point = EC_POINT_new(group)) == NULL) goto err;
- if (!EC_GROUP_get_order(group, order, ctx)) goto err;
- if (BN_is_zero(order))
- {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);
- goto err;
- }
-
- if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx)) goto err;
- if (!EC_POINT_is_at_infinity(group, point))
- {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
+ /* check the generator */
+ if (group->generator == NULL) {
+ ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
+ goto err;
+ }
+ if (EC_POINT_is_on_curve(group, group->generator, ctx) <= 0) {
+ ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
+ goto err;
+ }
- ret = 1;
+ /* check the order of the generator */
+ if ((point = EC_POINT_new(group)) == NULL)
+ goto err;
+ order = EC_GROUP_get0_order(group);
+ if (order == NULL)
+ goto err;
+ if (BN_is_zero(order)) {
+ ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);
+ goto err;
+ }
-err:
- BN_CTX_end(ctx);
- if (new_ctx != NULL)
- BN_CTX_free(new_ctx);
- if (point)
- EC_POINT_free(point);
- return ret;
- }
+ if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx))
+ goto err;
+ if (!EC_POINT_is_at_infinity(group, point)) {
+ ECerr(EC_F_EC_GROUP_CHECK, EC_R_INVALID_GROUP_ORDER);
+ goto err;
+ }
+
+ ret = 1;
+
+ err:
+ if (ctx != NULL)
+ BN_CTX_end(ctx);
+ BN_CTX_free(new_ctx);
+ EC_POINT_free(point);
+ return ret;
+}
projects / openssl.git / blobdiff