authorJack Lloyd <[email protected]>2019-09-12 09:31:26 -0400
committerJack Lloyd <[email protected]>2019-09-12 09:35:43 -0400
commit321a50789e6eeda6898af114492445f0882ee70f (patch)
treea1f27ca37d1ba8cecc510813b7112108393a4a2a /src/lib/pubkey/ec_group
parent71a92630ac1e3d995a017610e82a62ad6c54d246 (diff)
Support loading an EC point with affine zero coordinates.
For example, it is possible to construct a point with an x coordinate of zero whenever b has a square root modulo p. Found during integration with https://github.com/catenacyber/elliptic-curve-differential-fuzzer
Diffstat (limited to 'src/lib/pubkey/ec_group')
-rw-r--r--src/lib/pubkey/ec_group/point_gfp.cpp4
-rw-r--r--src/lib/pubkey/ec_group/point_gfp.h1
2 files changed, 3 insertions, 2 deletions
diff --git a/src/lib/pubkey/ec_group/point_gfp.cpp b/src/lib/pubkey/ec_group/point_gfp.cpp
index 5574a360c..9a9667175 100644
--- a/src/lib/pubkey/ec_group/point_gfp.cpp
+++ b/src/lib/pubkey/ec_group/point_gfp.cpp
@@ -30,9 +30,9 @@ PointGFp::PointGFp(const CurveGFp& curve, const BigInt& x, const BigInt& y) :
m_coord_y(y),
m_coord_z(m_curve.get_1_rep())
{
- if(x <= 0 || x >= curve.get_p())
+ if(x < 0 || x >= curve.get_p())
throw Invalid_Argument("Invalid PointGFp affine x");
- if(y <= 0 || y >= curve.get_p())
+ if(y < 0 || y >= curve.get_p())
throw Invalid_Argument("Invalid PointGFp affine y");
secure_vector<word> monty_ws(m_curve.get_ws_size());
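Review bot: With the bounds relaxed to `x < 0` and `y < 0`, the constructor accepts (0, 0) and every other in-range pair, and nothing in the visible lines checks that the pair satisfies the curve equation. The constructor body continues outside the hunk, so if membership is not verified further down, callers that take coordinates from untrusted input still have to call `on_the_curve()` themselves. I would state that above the range checks, e.g. `// Range check only: 0 is a valid field element; curve membership is not verified here`. The same caveat would fit the doc comment touched in point_gfp.h, next to the new "Prefer EC_Group::point(x,y)" line, which currently gives no reason for the preference. A regression test that builds a point with x = 0 on a curve where b is a square mod p is not visible here, though the diffstat is limited to src/lib/pubkey/ec_group.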
diff --git a/src/lib/pubkey/ec_group/point_gfp.h b/src/lib/pubkey/ec_group/point_gfp.h
index a233c5b94..bddb6707b 100644
--- a/src/lib/pubkey/ec_group/point_gfp.h
+++ b/src/lib/pubkey/ec_group/point_gfp.h
@@ -96,6 +96,7 @@ class BOTAN_PUBLIC_API(2,0) PointGFp final
/**
* Construct a point from its affine coordinates
+ * Prefer EC_Group::point(x,y) for this operation.
* @param curve the base curve
* @param x affine x coordinate
* @param y affine y coordinate