From 144b19be9afadbcd18f9ee06c121c6435df6ee16 Mon Sep 17 00:00:00 2001 From: tb Date: Tue, 7 Feb 2023 09:00:48 +0000 Subject: [PATCH] libcrypto/ec: another missing point-on-curve check Unlike in the affine/compressed/... cases, when setting projective coordinates of an elliptic curve point, there is no check whether the point is actually on the curve. Pointed out by Guido Vranken ok beck miod --- lib/libcrypto/ec/ec_lib.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/libcrypto/ec/ec_lib.c b/lib/libcrypto/ec/ec_lib.c index 5ad535f7ec4..2a99f8d4907 100644 --- a/lib/libcrypto/ec/ec_lib.c +++ b/lib/libcrypto/ec/ec_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_lib.c,v 1.47 2022/11/26 16:08:52 tb Exp $ */ +/* $OpenBSD: ec_lib.c,v 1.48 2023/02/07 09:00:48 tb Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -949,8 +949,14 @@ EC_POINT_set_Jprojective_coordinates(const EC_GROUP *group, EC_POINT *point, ECerror(EC_R_INCOMPATIBLE_OBJECTS); return 0; } - return group->meth->point_set_Jprojective_coordinates(group, point, - x, y, z, ctx); + if (!group->meth->point_set_Jprojective_coordinates(group, point, + x, y, z, ctx)) + return 0; + if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { + ECerror(EC_R_POINT_IS_NOT_ON_CURVE); + return 0; + } + return 1; } int -- 2.20.1