From 68886be7e2cd395a759fcd41d2cede461b68843d Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 4 Jun 2015 14:22:00 +0100 Subject: EC_POINT_is_on_curve does not return a boolean The function EC_POINT_is_on_curve does not return a boolean value. It returns 1 if the point is on the curve, 0 if it is not, and -1 on error. Many usages within OpenSSL were incorrectly using this function and therefore not correctly handling error conditions. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: Kurt Roeckx --- crypto/ec/ecp_oct.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'crypto/ec/ecp_oct.c') diff --git a/crypto/ec/ecp_oct.c b/crypto/ec/ecp_oct.c index a68b559..8bb7aa3 100644 --- a/crypto/ec/ecp_oct.c +++ b/crypto/ec/ecp_oct.c @@ -410,7 +410,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, } /* test required by X9.62 */ - if (!EC_POINT_is_on_curve(group, point, ctx)) { + if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } -- cgit v1.1