authorTheo Buehler <tb@cvs.openbsd.org>2022-11-24 16:34:14 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2022-11-24 16:34:14 +0000
commitb524af3c5bff7353c41a4f8ce9e484ac277e716e (patch)
treea9cfc02be2a5cd0fe7aab910130bb9843e0ed1c4 /lib/libcrypto/ec
parent3868ef76fa1b681cdd9348957ce6ee4a38f83b80 (diff)
Simplify y_bit handling in compressed coordinates
If y_bit is set for a zero y, something is wrong and we can error directly. No need to run the non-trivial BN_kronecker() to check if BN_mod_sqrt() lied or not, only to set a more specific error code. ok jsing
Diffstat (limited to 'lib/libcrypto/ec')
-rw-r--r--lib/libcrypto/ec/ecp_oct.c17
1 files changed, 2 insertions, 15 deletions
diff --git a/lib/libcrypto/ec/ecp_oct.c b/lib/libcrypto/ec/ecp_oct.c
index 7c29e7e6128..5e3484e2bcf 100644
--- a/lib/libcrypto/ec/ecp_oct.c
+++ b/lib/libcrypto/ec/ecp_oct.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_oct.c,v 1.16 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ecp_oct.c,v 1.17 2022/11/24 16:34:13 tb Exp $ */
/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
* for the OpenSSL project.
* Includes code written by Bodo Moeller for the OpenSSL project.
@@ -162,20 +162,7 @@ ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
}
if (y_bit != BN_is_odd(y)) {
if (BN_is_zero(y)) {
- int kron;
-
- kron = BN_kronecker(x, &group->field, ctx);
- if (kron == -2)
- goto err;
-
- if (kron == 1)
- ECerror(EC_R_INVALID_COMPRESSION_BIT);
- else
- /*
- * BN_mod_sqrt() should have cought this
- * error (not a square)
- */
- ECerror(EC_R_INVALID_COMPRESSED_POINT);
+ ECerror(EC_R_INVALID_COMPRESSION_BIT);
goto err;
}
if (!BN_usub(y, &group->field, y))
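Review bot: The `BN_is_zero(y)` branch now rejects the input with no comment saying why; the reasoning that a set y_bit with y == 0 is simply a malformed encoding lives only in the commit message. I would add a comment above the `ECerror(EC_R_INVALID_COMPRESSION_BIT);` line, for example `/* y == 0 is its own negation, so no odd root exists to select: malformed encoding. */`. The outer test `y_bit != BN_is_odd(y)` is only sound if y_bit was normalized to 0 or 1 earlier in the function, which this hunk does not show, so that is worth confirming. Any caller or regression test that matched `EC_R_INVALID_COMPRESSED_POINT` on this path will now see only `EC_R_INVALID_COMPRESSION_BIT`. The body of ec_GFp_simple_set_compressed_coordinates starts and ends outside the hunk.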