Multiplication by negative is now forbidden
diff --git a/include/polarssl/ecp.h b/include/polarssl/ecp.h
index a7f6258..55aa282 100644
--- a/include/polarssl/ecp.h
+++ b/include/polarssl/ecp.h
@@ -201,6 +201,7 @@
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
+ * POLARSSL_ERR_ECP_GENERIC if m < 0
*/
int ecp_mul( const ecp_group *grp, ecp_point *R,
const mpi *m, const ecp_point *P );
diff --git a/library/ecp.c b/library/ecp.c
index 6ee8ff0..a773416 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -709,19 +709,24 @@
}
/*
- * Integer multiplication: R = m * P (GECC 5.7, SPA-resistant variant)
+ * Integer multiplication: R = m * P (GECC 5.7, SPA-resistant)
*/
int ecp_mul( const ecp_group *grp, ecp_point *R,
const mpi *m, const ecp_point *P )
{
- int ret;
+ int ret, cmp;
size_t pos;
ecp_ptjac Q[2];
+ cmp = mpi_cmp_int( m, 0 );
+
+ if( cmp < 0 )
+ return( POLARSSL_ERR_ECP_GENERIC );
+
/*
- * The general method works only for m >= 1
+ * The general method works only for m != 0
*/
- if( mpi_cmp_int( m, 0 ) == 0 ) {
+ if( cmp == 0 ) {
ecp_set_zero( R );
return( 0 );
}
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index 188d558..816df77 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -22,47 +22,50 @@
ECP small addition #8
ecp_small_add:0:"14":"11":0:"14":"11":0:27:30
+ECP small multiplication negative
+ecp_small_mul:-1:0:0:0:POLARSSL_ERR_ECP_GENERIC
+
ECP small multiplication #0
-ecp_small_mul:0:1:0:0
+ecp_small_mul:0:1:0:0:0
ECP small multiplication #1
-ecp_small_mul:1:0:17:42
+ecp_small_mul:1:0:17:42:0
ECP small multiplication #2
-ecp_small_mul:2:0:20:01
+ecp_small_mul:2:0:20:01:0
ECP small multiplication #3
-ecp_small_mul:3:0:14:11
+ecp_small_mul:3:0:14:11:0
ECP small multiplication #4
-ecp_small_mul:4:0:34:33
+ecp_small_mul:4:0:34:33:0
ECP small multiplication #5
-ecp_small_mul:5:0:21:32
+ecp_small_mul:5:0:21:32:0
ECP small multiplication #6
-ecp_small_mul:6:0:27:30
+ecp_small_mul:6:0:27:30:0
ECP small multiplication #7
-ecp_small_mul:7:0:27:17
+ecp_small_mul:7:0:27:17:0
ECP small multiplication #8
-ecp_small_mul:8:0:21:15
+ecp_small_mul:8:0:21:15:0
ECP small multiplication #9
-ecp_small_mul:9:0:34:14
+ecp_small_mul:9:0:34:14:0
ECP small multiplication #10
-ecp_small_mul:10:0:14:36
+ecp_small_mul:10:0:14:36:0
ECP small multiplication #11
-ecp_small_mul:11:0:20:46
+ecp_small_mul:11:0:20:46:0
ECP small multiplication #12
-ecp_small_mul:12:0:17:05
+ecp_small_mul:12:0:17:05:0
ECP small multiplication #13
-ecp_small_mul:13:1:0:0
+ecp_small_mul:13:1:0:0:0
ECP mod p192 readable
ecp_fast_mod:SECP192R1:"000000000000010500000000000001040000000000000103000000000000010200000000000001010000000000000100"
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 471bbec..ff51a08 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -54,7 +54,7 @@
END_CASE
BEGIN_CASE
-ecp_small_mul:m:r_zero:x_r:y_r
+ecp_small_mul:m:r_zero:x_r:y_r:ret
{
ecp_group grp;
ecp_point R;
@@ -69,7 +69,7 @@
TEST_ASSERT( mpi_lset( &m, {m} ) == 0 );
- TEST_ASSERT( ecp_mul( &grp, &R, &m, &grp.G ) == 0 );
+ TEST_ASSERT( ecp_mul( &grp, &R, &m, &grp.G ) == {ret} );
if( {r_zero} )
TEST_ASSERT( R.is_zero );