Centralize everything to EccPoint_mult_safer()

This will make easier to add future counter-measures in a single place.

In practice this change means that:

- compute_public_key() now uses projective coordinate randomisation, which it
  should as this is a protection against Template Attacks for example.
- mult_safer() now checks that the result is not the point at infinity, which
  it can as the result is indeed never expected to be that

tinycrypt/ecc.c

@@ -951,6 +951,12 @@ int EccPoint_mult_safer(uECC_word_t * result, const uECC_word_t * point,
 	}
 
 	EccPoint_mult(result, point, k2[!carry], initial_Z);
+
+	if (EccPoint_isZero(result, curve)) {
+		r = 0;
+		goto clear_and_out;
+	}
+
 	r = 1;
 
 clear_and_out:
@@ -966,25 +972,7 @@ uECC_word_t EccPoint_compute_public_key(uECC_word_t *result,
 					uECC_word_t *private_key,
 					uECC_Curve curve)
 {
-
+	return EccPoint_mult_safer(result, curve->G, private_key, curve);
-	uECC_word_t tmp1[NUM_ECC_WORDS];
- 	uECC_word_t tmp2[NUM_ECC_WORDS];
-	uECC_word_t *p2[2] = {tmp1, tmp2};
-	uECC_word_t carry;
-
-	if (curve != uECC_secp256r1())
-		return 0;
-
-	/* Regularize the bitcount for the private key so that attackers cannot
-	 * use a side channel attack to learn the number of leading zeros. */
-	carry = regularize_k(private_key, tmp1, tmp2);
-
-	EccPoint_mult(result, curve->G, p2[!carry], 0);
-
-	if (EccPoint_isZero(result, curve)) {
-		return 0;
-	}
-	return 1;
 }
 
 /* Converts an integer in uECC native format to big-endian bytes. */