authorJack Lloyd <[email protected]>2018-02-23 12:38:13 -0500
committerJack Lloyd <[email protected]>2018-02-23 12:38:13 -0500
commite679629ef38aa608fffc22b91d3a1d9de308a8c9 (patch)
treeee50b914d48a383783cb0956570f33c80a4fda79 /src
parent8d9f83f87e146be428ad7d0684496f12cf34d4c8 (diff)
Add EC_Group::verify_public_element
Diffstat (limited to 'src')
-rw-r--r--src/lib/pubkey/ec_group/ec_group.cpp23
-rw-r--r--src/lib/pubkey/ec_group/ec_group.h8
-rw-r--r--src/lib/pubkey/ecc_key/ecc_key.cpp30
3 files changed, 33 insertions, 28 deletions
diff --git a/src/lib/pubkey/ec_group/ec_group.cpp b/src/lib/pubkey/ec_group/ec_group.cpp
index 102eed6e5..a8d5136c8 100644
--- a/src/lib/pubkey/ec_group/ec_group.cpp
+++ b/src/lib/pubkey/ec_group/ec_group.cpp
@@ -536,6 +536,29 @@ bool EC_Group::operator==(const EC_Group& other) const
get_base_point() == other.get_base_point());
}
+bool EC_Group::verify_public_element(const PointGFp& point) const
+ {
+ //check that public point is not at infinity
+ if(point.is_zero())
+ return false;
+
+ //check that public point is on the curve
+ if(point.on_the_curve() == false)
+ return false;
+
+ //check that public point has order q
+ if((point * get_order()).is_zero() == false)
+ return false;
+
+ if(get_cofactor() > 1)
+ {
+ if((point * get_cofactor()).is_zero())
+ return false;
+ }
+
+ return true;
+ }
+
bool EC_Group::verify_group(RandomNumberGenerator& rng,
bool) const
{
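Review bot: `verify_public_element` never ties `point` to this group's curve: `point.on_the_curve()` is asked of the point itself, so from the visible lines a point built over different curve parameters would be tested only against its own curve equation before being multiplied by this group's order and cofactor. If PointGFp does not already guarantee this elsewhere, a guard at the top such as `if(point.get_curve() != get_curve()) return false;` would make the check self-contained. The cofactor block is also the only check without a comment; `//check that public point is not in a small subgroup` would match the other three. The trailing context shows only the opening of verify_group, whose body continues outside the hunk.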
diff --git a/src/lib/pubkey/ec_group/ec_group.h b/src/lib/pubkey/ec_group/ec_group.h
index 2baa2555e..5b2a25756 100644
--- a/src/lib/pubkey/ec_group/ec_group.h
+++ b/src/lib/pubkey/ec_group/ec_group.h
@@ -195,6 +195,14 @@ class BOTAN_PUBLIC_API(2,0) EC_Group final
const BigInt& get_cofactor() const;
/**
+ * Check if y is a plausible point on the curve
+ *
+ * In particular, checks that it is a point on the curve, not infinity,
+ * and that it has order matching the group.
+ */
+ bool verify_public_element(const PointGFp& y) const;
+
+ /**
* Return the OID of these domain parameters
* @result the OID as a string
*/
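Review bot: The doc comment omits the cofactor check and the return value, and the parameter is named `y` here but `point` in the definition in ec_group.cpp. I would rename it to `point` and add `@param point the point to validate` and `@return true if point is on the curve, is not the point at infinity, has order dividing the group order, and is not sent to infinity by the cofactor`. It would also help callers to state that the group parameters themselves are not validated here; the check_key hunk in this commit calls verify_group separately for that. The class body starts and ends outside the hunk.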
diff --git a/src/lib/pubkey/ecc_key/ecc_key.cpp b/src/lib/pubkey/ecc_key/ecc_key.cpp
index 17b6e6484..baf99fb78 100644
--- a/src/lib/pubkey/ecc_key/ecc_key.cpp
+++ b/src/lib/pubkey/ecc_key/ecc_key.cpp
@@ -56,34 +56,8 @@ EC_PublicKey::EC_PublicKey(const AlgorithmIdentifier& alg_id,
bool EC_PublicKey::check_key(RandomNumberGenerator& rng,
bool) const
{
- //verify domain parameters
- if(!m_domain_params.verify_group(rng))
- {
- return false;
- }
- //check that public point is not at infinity
- if(public_point().is_zero())
- {
- return false;
- }
- //check that public point is on the curve
- if(!public_point().on_the_curve())
- {
- return false;
- }
- if(m_domain_params.get_cofactor() > 1)
- {
- if((public_point() * m_domain_params.get_cofactor()).is_zero())
- {
- return false;
- }
- //check that public point has order q
- if(!(public_point() * m_domain_params.get_order()).is_zero())
- {
- return false;
- }
- }
- return true;
+ return m_domain_params.verify_group(rng) &&
+ m_domain_params.verify_public_element(public_point());
}
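Review bot: The delegation in `check_key` is not a pure refactor: the removed code ran the order check only inside the `get_cofactor() > 1` branch, whereas `verify_public_element` evaluates `point * get_order()` unconditionally, so keys on cofactor-1 groups now pay a full scalar multiplication on every call. That is the stricter behaviour, but neither the commit title nor the code records it as intended; a comment above the return such as `// order check now also applies to cofactor-1 groups` would do. The second `bool` argument (presumably the strong-check flag) stays unnamed and ignored, so both settings perform the same work; a short comment saying that is deliberate would save the next reader from looking for a missing branch.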