Skip to content

Commit 666e78a

Browse files
sjaeckelsjaeckel
committed
Fix cases where the points are equal.
Signed-off-by: Steffen Jaeckel <[email protected]>
1 parent 34b3067 commit 666e78a

File tree

2 files changed

+16
-2
lines changed

2 files changed

+16
-2
lines changed

src/math/tfm_desc.c

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -597,7 +597,7 @@ static int tfm_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q,
597597
{
598598
fp_int t1, t2, x, y, z;
599599
fp_digit mp;
600-
int err, inf;
600+
int err, inf, x_or_y_is_zero;
601601

602602
LTC_ARGCHK(P != NULL);
603603
LTC_ARGCHK(Q != NULL);
@@ -636,6 +636,7 @@ static int tfm_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q,
636636
if ( (fp_cmp(P->x, Q->x) == FP_EQ) &&
637637
(Q->z != NULL && fp_cmp(P->z, Q->z) == FP_EQ) &&
638638
(fp_cmp(P->y, Q->y) == FP_EQ || fp_cmp(P->y, &t1) == FP_EQ)) {
639+
dbl:
639640
return tfm_ecc_projective_dbl_point(P, R, ma, modulus, Mp);
640641
}
641642

@@ -735,6 +736,7 @@ static int tfm_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q,
735736
if (fp_cmp_d(&x, 0) == FP_LT) {
736737
fp_add(&x, TFM_UNCONST(void *)modulus, &x);
737738
}
739+
x_or_y_is_zero = fp_cmp_d(&x, 0) == FP_EQ;
738740

739741
/* T2 = T2 - X */
740742
fp_sub(&t2, &x, &t2);
@@ -759,6 +761,11 @@ static int tfm_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q,
759761
fp_add(&y, TFM_UNCONST(void *)modulus, &y);
760762
}
761763
fp_div_2(&y, &y);
764+
x_or_y_is_zero |= fp_cmp_d(&y, 0) == LTC_MP_EQ;
765+
766+
if (x_or_y_is_zero) {
767+
goto dbl;
768+
}
762769

763770
fp_copy(&x, R->x);
764771
fp_copy(&y, R->y);

src/pk/ecc/ltc_ecc_projective_add_point.c

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_poi
2424
const void *ma, const void *modulus, void *mp)
2525
{
2626
void *t1, *t2, *x, *y, *z;
27-
int err, inf;
27+
int err, inf, x_or_y_is_zero;
2828

2929
LTC_ARGCHK(P != NULL);
3030
LTC_ARGCHK(Q != NULL);
@@ -52,6 +52,7 @@ int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_poi
5252

5353
if ((ltc_mp_cmp(P->x, Q->x) == LTC_MP_EQ) && (ltc_mp_cmp(P->z, Q->z) == LTC_MP_EQ)) {
5454
if (ltc_mp_cmp(P->y, Q->y) == LTC_MP_EQ) {
55+
dbl:
5556
/* here P = Q >> Result = 2 * P (use doubling) */
5657
ltc_mp_deinit_multi(t1, t2, x, y, z, LTC_NULL);
5758
return ltc_ecc_projective_dbl_point(P, R, ma, modulus, mp);
@@ -160,6 +161,7 @@ int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_poi
160161
if (ltc_mp_cmp_d(x, 0) == LTC_MP_LT) {
161162
if ((err = ltc_mp_add(x, modulus, x)) != CRYPT_OK) { goto done; }
162163
}
164+
x_or_y_is_zero = ltc_mp_cmp_d(x, 0) == LTC_MP_EQ;
163165

164166
/* T2 = T2 - X */
165167
if ((err = ltc_mp_sub(t2, x, t2)) != CRYPT_OK) { goto done; }
@@ -184,6 +186,11 @@ int ltc_ecc_projective_add_point(const ecc_point *P, const ecc_point *Q, ecc_poi
184186
if ((err = ltc_mp_add(y, modulus, y)) != CRYPT_OK) { goto done; }
185187
}
186188
if ((err = ltc_mp_div_2(y, y)) != CRYPT_OK) { goto done; }
189+
x_or_y_is_zero |= ltc_mp_cmp_d(y, 0) == LTC_MP_EQ;
190+
191+
if (x_or_y_is_zero) {
192+
goto dbl;
193+
}
187194

188195
if ((err = ltc_mp_copy(x, R->x)) != CRYPT_OK) { goto done; }
189196
if ((err = ltc_mp_copy(y, R->y)) != CRYPT_OK) { goto done; }

0 commit comments

Comments
 (0)