diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h index a7f6258cb..55aa28263 100644 --- a/include/polarssl/ecp.h +++ b/include/polarssl/ecp.h @@ -201,6 +201,7 @@ int ecp_add( const ecp_group *grp, ecp_point *R, * * \return 0 if successful, * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + * POLARSSL_ERR_ECP_GENERIC if m < 0 */ int ecp_mul( const ecp_group *grp, ecp_point *R, const mpi *m, const ecp_point *P ); diff --git a/library/ecp.c b/library/ecp.c index 6ee8ff04e..a773416a9 100644 --- a/library/ecp.c +++ b/library/ecp.c @@ -709,19 +709,24 @@ cleanup: } /* - * Integer multiplication: R = m * P (GECC 5.7, SPA-resistant variant) + * Integer multiplication: R = m * P (GECC 5.7, SPA-resistant) */ int ecp_mul( const ecp_group *grp, ecp_point *R, const mpi *m, const ecp_point *P ) { - int ret; + int ret, cmp; size_t pos; ecp_ptjac Q[2]; + cmp = mpi_cmp_int( m, 0 ); + + if( cmp < 0 ) + return( POLARSSL_ERR_ECP_GENERIC ); + /* - * The general method works only for m >= 1 + * The general method works only for m != 0 */ - if( mpi_cmp_int( m, 0 ) == 0 ) { + if( cmp == 0 ) { ecp_set_zero( R ); return( 0 ); } diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data index 188d55822..816df7735 100644 --- a/tests/suites/test_suite_ecp.data +++ b/tests/suites/test_suite_ecp.data @@ -22,47 +22,50 @@ ecp_small_add:0:"37":"31":0:"37":"31":0:21:32 ECP small addition #8 ecp_small_add:0:"14":"11":0:"14":"11":0:27:30 +ECP small multiplication negative +ecp_small_mul:-1:0:0:0:POLARSSL_ERR_ECP_GENERIC + ECP small multiplication #0 -ecp_small_mul:0:1:0:0 +ecp_small_mul:0:1:0:0:0 ECP small multiplication #1 -ecp_small_mul:1:0:17:42 +ecp_small_mul:1:0:17:42:0 ECP small multiplication #2 -ecp_small_mul:2:0:20:01 +ecp_small_mul:2:0:20:01:0 ECP small multiplication #3 -ecp_small_mul:3:0:14:11 +ecp_small_mul:3:0:14:11:0 ECP small multiplication #4 -ecp_small_mul:4:0:34:33 +ecp_small_mul:4:0:34:33:0 ECP small multiplication #5 -ecp_small_mul:5:0:21:32 +ecp_small_mul:5:0:21:32:0 ECP small multiplication #6 -ecp_small_mul:6:0:27:30 +ecp_small_mul:6:0:27:30:0 ECP small multiplication #7 -ecp_small_mul:7:0:27:17 +ecp_small_mul:7:0:27:17:0 ECP small multiplication #8 -ecp_small_mul:8:0:21:15 +ecp_small_mul:8:0:21:15:0 ECP small multiplication #9 -ecp_small_mul:9:0:34:14 +ecp_small_mul:9:0:34:14:0 ECP small multiplication #10 -ecp_small_mul:10:0:14:36 +ecp_small_mul:10:0:14:36:0 ECP small multiplication #11 -ecp_small_mul:11:0:20:46 +ecp_small_mul:11:0:20:46:0 ECP small multiplication #12 -ecp_small_mul:12:0:17:05 +ecp_small_mul:12:0:17:05:0 ECP small multiplication #13 -ecp_small_mul:13:1:0:0 +ecp_small_mul:13:1:0:0:0 ECP mod p192 readable ecp_fast_mod:SECP192R1:"000000000000010500000000000001040000000000000103000000000000010200000000000001010000000000000100" diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function index 471bbec79..ff51a080e 100644 --- a/tests/suites/test_suite_ecp.function +++ b/tests/suites/test_suite_ecp.function @@ -54,7 +54,7 @@ ecp_small_add:a_zero:x_a:y_a:b_zero:x_b:y_b:c_zero:x_c:y_c END_CASE BEGIN_CASE -ecp_small_mul:m:r_zero:x_r:y_r +ecp_small_mul:m:r_zero:x_r:y_r:ret { ecp_group grp; ecp_point R; @@ -69,7 +69,7 @@ ecp_small_mul:m:r_zero:x_r:y_r TEST_ASSERT( mpi_lset( &m, {m} ) == 0 ); - TEST_ASSERT( ecp_mul( &grp, &R, &m, &grp.G ) == 0 ); + TEST_ASSERT( ecp_mul( &grp, &R, &m, &grp.G ) == {ret} ); if( {r_zero} ) TEST_ASSERT( R.is_zero );