diff options
author | Matt Caswell <matt@openssl.org> | 2015-06-04 14:22:00 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-06-10 10:57:05 +0100 |
commit | cb9f1bc1d118bfe17d7c3004bbf33746df1855bd (patch) | |
tree | 145e1e9fb36c717b453cbe70908b0ccaf00c0bfc /crypto/ec/ec_check.c | |
parent | 9545eac45bc79496763d2ded02629f88a8629fb9 (diff) |
EC_POINT_is_on_curve does not return a boolean
The function EC_POINT_is_on_curve does not return a boolean value.
It returns 1 if the point is on the curve, 0 if it is not, and -1
on error. Many usages within OpenSSL were incorrectly using this
function and therefore not correctly handling error conditions.
With thanks to the Open Crypto Audit Project for reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 68886be7e2cd395a759fcd41d2cede461b68843d)
Conflicts:
crypto/ec/ec2_oct.c
crypto/ec/ecp_oct.c
crypto/ec/ectest.c
Diffstat (limited to 'crypto/ec/ec_check.c')
-rw-r--r-- | crypto/ec/ec_check.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c index d3f534999e..dd6f0ac409 100644 --- a/crypto/ec/ec_check.c +++ b/crypto/ec/ec_check.c @@ -85,7 +85,7 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR); goto err; } - if (!EC_POINT_is_on_curve(group, group->generator, ctx)) { + if (EC_POINT_is_on_curve(group, group->generator, ctx) <= 0) { ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } |