Home | History | Annotate | Download | only in ec 
      1 /* crypto/ec/ec_check.c */
      2 /* ====================================================================
      3  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
      4  *
      5  * Redistribution and use in source and binary forms, with or without
      6  * modification, are permitted provided that the following conditions
      7  * are met:
      8  *
      9  * 1. Redistributions of source code must retain the above copyright
     10  *    notice, this list of conditions and the following disclaimer.
     11  *
     12  * 2. Redistributions in binary form must reproduce the above copyright
     13  *    notice, this list of conditions and the following disclaimer in
     14  *    the documentation and/or other materials provided with the
     15  *    distribution.
     16  *
     17  * 3. All advertising materials mentioning features or use of this
     18  *    software must display the following acknowledgment:
     19  *    "This product includes software developed by the OpenSSL Project
     20  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
     21  *
     22  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
     23  *    endorse or promote products derived from this software without
     24  *    prior written permission. For written permission, please contact
     25  *    openssl-core (at) openssl.org.
     26  *
     27  * 5. Products derived from this software may not be called "OpenSSL"
     28  *    nor may "OpenSSL" appear in their names without prior written
     29  *    permission of the OpenSSL Project.
     30  *
     31  * 6. Redistributions of any form whatsoever must retain the following
     32  *    acknowledgment:
     33  *    "This product includes software developed by the OpenSSL Project
     34  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
     35  *
     36  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
     37  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     38  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     39  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
     40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
     41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     42  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     43  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     44  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     45  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     46  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
     47  * OF THE POSSIBILITY OF SUCH DAMAGE.
     48  * ====================================================================
     49  *
     50  * This product includes cryptographic software written by Eric Young
     51  * (eay (at) cryptsoft.com).  This product includes software written by Tim
     52  * Hudson (tjh (at) cryptsoft.com).
     53  *
     54  */
     55 
     56 #include "ec_lcl.h"
     57 #include <openssl/err.h>
     58 
     59 int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
     60 	{
     61 	int ret = 0;
     62 	BIGNUM *order;
     63 	BN_CTX *new_ctx = NULL;
     64 	EC_POINT *point = NULL;
     65 
     66 	if (ctx == NULL)
     67 		{
     68 		ctx = new_ctx = BN_CTX_new();
     69 		if (ctx == NULL)
     70 			{
     71 			ECerr(EC_F_EC_GROUP_CHECK, ERR_R_MALLOC_FAILURE);
     72 			goto err;
     73 			}
     74 		}
     75 	BN_CTX_start(ctx);
     76 	if ((order = BN_CTX_get(ctx)) == NULL) goto err;
     77 
     78 	/* check the discriminant */
     79 	if (!EC_GROUP_check_discriminant(group, ctx))
     80 		{
     81 		ECerr(EC_F_EC_GROUP_CHECK, EC_R_DISCRIMINANT_IS_ZERO);
     82 		goto err;
     83 		}
     84 
     85 	/* check the generator */
     86 	if (group->generator == NULL)
     87 		{
     88 		ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
     89 		goto err;
     90 		}
     91 	if (!EC_POINT_is_on_curve(group, group->generator, ctx))
     92 		{
     93 		ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
     94 		goto err;
     95 		}
     96 
     97 	/* check the order of the generator */
     98 	if ((point = EC_POINT_new(group)) == NULL) goto err;
     99 	if (!EC_GROUP_get_order(group, order, ctx)) goto err;
    100 	if (BN_is_zero(order))
    101 		{
    102 		ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);
    103 		goto err;
    104 		}
    105 
    106 	if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx)) goto err;
    107 	if (!EC_POINT_is_at_infinity(group, point))
    108 		{
    109 		ECerr(EC_F_EC_GROUP_CHECK, EC_R_INVALID_GROUP_ORDER);
    110 		goto err;
    111 		}
    112 
    113 	ret = 1;
    114 
    115 err:
    116 	if (ctx != NULL)
    117 		BN_CTX_end(ctx);
    118 	if (new_ctx != NULL)
    119 		BN_CTX_free(new_ctx);
    120 	if (point)
    121 		EC_POINT_free(point);
    122 	return ret;
    123 	}
    124