EC only uses approved curves in FIPS mode.

[openssl.git] / crypto / ec / ec_check.c

diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c
index 097d7e1cc542b7d46f2ce8ba44b509edf01bd521..315b9fd4dfadfed9eb956c47ba2e40d47644fd25 100644 (file)
--- a/crypto/ec/ec_check.c
+++ b/crypto/ec/ec_check.c
@@ -22,6 +22,13 @@ int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only)
 
 int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
 {
+#ifdef FIPS_MODE
+    /*
+    * ECC domain parameter validation.
+    * See SP800-56A R3 5.5.2 "Assurances of Domain-Parameter Validity" Part 1b.
+    */
+    return EC_GROUP_check_named_curve(group, 1) >= 0 ? 1 : 0;
+#else
     int ret = 0;
     const BIGNUM *order;
     BN_CTX *new_ctx = NULL;
@@ -84,4 +91,5 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
     BN_CTX_free(new_ctx);
     EC_POINT_free(point);
     return ret;
+#endif /* FIPS_MODE */
 }