Do not accept EC signatures when the public point is invalid

Force g*x+p*y to the point at infinity if g or p is not a valid point. This does not seem to be a security issue since if you can control the public point you can just use a regular key and sign whatever you like. Still, it's odd to accept anything here, and easy to prevent it. Found by CryptoFuzz reported offline by @guidovranken
author: Jack Lloyd <[email protected]> 2020-11-30 09:37:28 -0500
committer: Jack Lloyd <[email protected]> 2020-11-30 09:40:08 -0500
commit: 92cd9ad72184bacacb7682c1b65ff040ab2347ee (patch)
tree: a0d04be4e669f3a5a16cc6858b746947435279fd /src/tests/test_pubkey.cpp
parent: 3415450e4c71a0dd93371ca9554229f37774aad3 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/src/tests/test_pubkey.cpp b/src/tests/test_pubkey.cpp
index 3e3001a86..03f57c922 100644
--- a/src/tests/test_pubkey.cpp
+++ b/src/tests/test_pubkey.cpp
@@ -237,7 +237,9 @@ PK_Signature_Verification_Test::run_one_test(const std::string& pad_hdr, const V
                   }
                }
             else
-               result.test_eq("incorrect signature invalid", verified, false);
+               {
+               result.confirm("incorrect signature is rejected", verified == false);
+               }
             }
          catch(std::exception& e)
             {
author	Jack Lloyd <[email protected]>	2020-11-30 09:37:28 -0500
committer	Jack Lloyd <[email protected]>	2020-11-30 09:40:08 -0500
commit	92cd9ad72184bacacb7682c1b65ff040ab2347ee (patch)
tree	a0d04be4e669f3a5a16cc6858b746947435279fd /src/tests/test_pubkey.cpp
parent	3415450e4c71a0dd93371ca9554229f37774aad3 (diff)