diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2018-04-20 11:13:40 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-04-23 19:14:25 +0100 |
commit | 736b31e5ea33166d89d5cff5774697d0c15d96bd (patch) | |
tree | ef93f22a092f04c013d48fee20e428bab683bf3b /crypto/ec/ec_mult.c | |
parent | f4675379275c304dbfa593cc573b4e4c4eb54bd4 (diff) |
Move up check for EC_R_INCOMPATIBLE_OBJECTS and for the point at infinity case
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6009)
Diffstat (limited to 'crypto/ec/ec_mult.c')
-rw-r--r-- | crypto/ec/ec_mult.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 801726f9f5..1ed7449228 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -372,6 +372,15 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, * precomputation is not available */ int ret = 0; + if (group->meth != r->meth) { + ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); + return 0; + } + + if ((scalar == NULL) && (num == 0)) { + return EC_POINT_set_to_infinity(group, r); + } + /*- * Handle the common cases where the scalar is secret, enforcing a constant * time scalar multiplication algorithm. @@ -398,15 +407,6 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, return ec_mul_consttime(group, r, scalars[0], points[0], ctx); } - if (group->meth != r->meth) { - ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - - if ((scalar == NULL) && (num == 0)) { - return EC_POINT_set_to_infinity(group, r); - } - for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); |