Replace PointGFp::check_invaraints, which would either return silently

or throw an exception, with PointGFp::on_the_curve, which returns a bool.

Update callers.

This showed several cases where check_invaraints was being called
multiple times, for instance when decoding a point with OS2ECP,
check_invaraints was called; many callers of OS2ECP would then call
check_invaraints again on the same object.

4 files changed, 12 insertions, 42 deletions

diff --git a/src/pubkey/ec_dompar/ec_dompar.cpp b/src/pubkey/ec_dompar/ec_dompar.cpp
index 3512060d1..b0aa7a87a 100644
--- a/src/pubkey/ec_dompar/ec_dompar.cpp
+++ b/src/pubkey/ec_dompar/ec_dompar.cpp
@@ -77,7 +77,6 @@ EC_Domain_Params::EC_Domain_Params(const MemoryRegion<byte>& ber_data)
 
       curve = CurveGFp(p, a, b);
       base_point = OS2ECP(sv_base_point, curve);
-      base_point.check_invariants();
       }
    else
       throw Decoding_Error("Unexpected tag while decoding ECC domain params");
diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp
index fdb29b29f..2c66dc97f 100644
--- a/src/pubkey/ecc_key/ecc_key.cpp
+++ b/src/pubkey/ecc_key/ecc_key.cpp
@@ -25,14 +25,8 @@ EC_PublicKey::EC_PublicKey(const EC_Domain_Params& dom_par,
    if(domain().get_curve() != public_point().get_curve())
       throw Invalid_Argument("EC_PublicKey: curve mismatch in constructor");
 
-   try
-      {
-      public_key.check_invariants();
-      }
-   catch(Illegal_Point)
-      {
-      throw Invalid_State("Public key failed invariant check");
-      }
+   if(!public_point().on_the_curve())
+      throw Invalid_State("Public key was not on the curve");
    }
 
 EC_PublicKey::EC_PublicKey(const AlgorithmIdentifier& alg_id,
@@ -41,16 +35,7 @@ EC_PublicKey::EC_PublicKey(const AlgorithmIdentifier& alg_id,
    domain_params = EC_Domain_Params(alg_id.parameters);
    domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
 
-   public_key = PointGFp(OS2ECP(key_bits, domain().get_curve()));
-
-   try
-      {
-      public_point().check_invariants();
-      }
-   catch(Illegal_Point)
-      {
-      throw Decoding_Error("Invalid public point; not on curve");
-      }
+   public_key = OS2ECP(key_bits, domain().get_curve());
    }
 
 AlgorithmIdentifier EC_PublicKey::algorithm_identifier() const
@@ -111,14 +96,8 @@ EC_PrivateKey::EC_PrivateKey(RandomNumberGenerator& rng,
    private_key = BigInt::random_integer(rng, 1, domain().get_order());
    public_key = domain().get_base_point() * private_key;
 
-   try
-      {
-      public_key.check_invariants();
-      }
-   catch(Illegal_Point)
-      {
+   if(!public_key.on_the_curve())
       throw Internal_Error("ECC private key generation failed");
-      }
    }
 
 MemoryVector<byte> EC_PrivateKey::pkcs8_private_key() const
@@ -147,14 +126,8 @@ EC_PrivateKey::EC_PrivateKey(const AlgorithmIdentifier& alg_id,
 
    public_key = domain().get_base_point() * private_key;
 
-   try
-      {
-      public_key.check_invariants();
-      }
-   catch(Illegal_Point)
-      {
+   if(!public_key.on_the_curve())
       throw Internal_Error("Loaded ECC private key failed self test");
-      }
    }
 
 }
diff --git a/src/pubkey/ecdh/ecdh.cpp b/src/pubkey/ecdh/ecdh.cpp
index bf8a57b3b..8d13e7f65 100644
--- a/src/pubkey/ecdh/ecdh.cpp
+++ b/src/pubkey/ecdh/ecdh.cpp
@@ -24,7 +24,9 @@ SecureVector<byte> ECDH_KA_Operation::agree(const byte w[], u32bit w_len)
    PointGFp point = OS2ECP(w, w_len, curve);
 
    PointGFp S = (cofactor * point) * l_times_priv;
-   S.check_invariants();
+
+   if(!S.on_the_curve())
+      throw Internal_Error("ECDH: Agreed value was not on the curve");
 
    return BigInt::encode_1363(S.get_affine_x(),
                               curve.get_p().bytes());
diff --git a/src/pubkey/gost_3410/gost_3410.cpp b/src/pubkey/gost_3410/gost_3410.cpp
index e6f68526e..74b39d50b 100644
--- a/src/pubkey/gost_3410/gost_3410.cpp
+++ b/src/pubkey/gost_3410/gost_3410.cpp
@@ -74,14 +74,8 @@ GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
 
    public_key = PointGFp(domain().get_curve(), x, y);
 
-   try
-      {
-      public_key.check_invariants();
-      }
-   catch(Illegal_Point)
-      {
+   if(!public_key.on_the_curve())
       throw Internal_Error("Loaded GOST 34.10 public key failed self test");
-      }
    }
 
 namespace {
@@ -123,7 +117,9 @@ GOST_3410_Signature_Operation::sign(const byte msg[], u32bit msg_len,
       e = 1;
 
    PointGFp k_times_P = base_point * k;
-   k_times_P.check_invariants();
+
+   if(!k_times_P.on_the_curve())
+      throw Internal_Error("GOST 34.10 k*g not on the curve");
 
    BigInt r = k_times_P.get_affine_x() % order;