Multiplication by negative is now forbidden

4bdd47d2 · Manuel Pégourié-Gonnard · Paul Bakker · 8433824d · 4bdd47d2 · 4bdd47d2
Commit 4bdd47d2 authored Nov 11, 2012 by Manuel Pégourié-Gonnard Committed by Paul Bakker Jan 16, 2013
4 changed files
--- a/include/polarssl/ecp.h
+++ b/include/polarssl/ecp.h
@@ -201,6 +201,7 @@ int ecp_add( const ecp_group *grp, ecp_point *R,
 *
 * \return          0 if successful,
 *                  POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
+ *                  POLARSSL_ERR_ECP_GENERIC if m < 0
 */
 int ecp_mul( const ecp_group *grp, ecp_point *R,
             const mpi *m, const ecp_point *P );

--- a/library/ecp.c
+++ b/library/ecp.c
@@ -709,19 +709,24 @@ cleanup:
 }

 /*
- * Integer multiplication: R = m * P (GECC 5.7, SPA-resistant variant)
+ * Integer multiplication: R = m * P (GECC 5.7, SPA-resistant)
 */
 int ecp_mul( const ecp_group *grp, ecp_point *R,
             const mpi *m, const ecp_point *P )
 {
-    int ret;
+    int ret, cmp;
    size_t pos;
    ecp_ptjac Q[2];

+    cmp = mpi_cmp_int( m, 0 );
+
+    if( cmp < 0 )
+        return( POLARSSL_ERR_ECP_GENERIC );
+
    /*
-     * The general method works only for m >= 1
+     * The general method works only for m != 0
     */
-    if( mpi_cmp_int( m, 0 ) == 0 ) {
+    if( cmp == 0 ) {
        ecp_set_zero( R );
        return( 0 );
    }

--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -22,47 +22,50 @@ ecp_small_add:0:"37":"31":0:"37":"31":0:21:32
 ECP small addition #8
 ecp_small_add:0:"14":"11":0:"14":"11":0:27:30

+ECP small multiplication negative
+ecp_small_mul:-1:0:0:0:POLARSSL_ERR_ECP_GENERIC
+
 ECP small multiplication #0
-ecp_small_mul:0:1:0:0
+ecp_small_mul:0:1:0:0:0

 ECP small multiplication #1
-ecp_small_mul:1:0:17:42
+ecp_small_mul:1:0:17:42:0

 ECP small multiplication #2
-ecp_small_mul:2:0:20:01
+ecp_small_mul:2:0:20:01:0

 ECP small multiplication #3
-ecp_small_mul:3:0:14:11
+ecp_small_mul:3:0:14:11:0

 ECP small multiplication #4
-ecp_small_mul:4:0:34:33
+ecp_small_mul:4:0:34:33:0

 ECP small multiplication #5
-ecp_small_mul:5:0:21:32
+ecp_small_mul:5:0:21:32:0

 ECP small multiplication #6
-ecp_small_mul:6:0:27:30
+ecp_small_mul:6:0:27:30:0

 ECP small multiplication #7
-ecp_small_mul:7:0:27:17
+ecp_small_mul:7:0:27:17:0

 ECP small multiplication #8
-ecp_small_mul:8:0:21:15
+ecp_small_mul:8:0:21:15:0

 ECP small multiplication #9
-ecp_small_mul:9:0:34:14
+ecp_small_mul:9:0:34:14:0

 ECP small multiplication #10
-ecp_small_mul:10:0:14:36
+ecp_small_mul:10:0:14:36:0

 ECP small multiplication #11
-ecp_small_mul:11:0:20:46
+ecp_small_mul:11:0:20:46:0

 ECP small multiplication #12
-ecp_small_mul:12:0:17:05
+ecp_small_mul:12:0:17:05:0

 ECP small multiplication #13
-ecp_small_mul:13:1:0:0
+ecp_small_mul:13:1:0:0:0

 ECP mod p192 readable
 ecp_fast_mod:SECP192R1:"000000000000010500000000000001040000000000000103000000000000010200000000000001010000000000000100"

--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -54,7 +54,7 @@ ecp_small_add:a_zero:x_a:y_a:b_zero:x_b:y_b:c_zero:x_c:y_c
 END_CASE

 BEGIN_CASE
-ecp_small_mul:m:r_zero:x_r:y_r
+ecp_small_mul:m:r_zero:x_r:y_r:ret
 {
    ecp_group grp;
    ecp_point R;
@@ -69,7 +69,7 @@ ecp_small_mul:m:r_zero:x_r:y_r

    TEST_ASSERT( mpi_lset( &m, {m} ) == 0 );

-    TEST_ASSERT( ecp_mul( &grp, &R, &m, &grp.G ) == 0 );
+    TEST_ASSERT( ecp_mul( &grp, &R, &m, &grp.G ) == {ret} );

    if( {r_zero} )
        TEST_ASSERT( R.is_zero );