Move point at infinity check to API boundary

Since we only consider standard affine coordinates, the point at infinity
must be excluded. Check at the API boundary that the point isn't the point
at infinity rather than hiding this check somewhere in a method.

ok jsing

1 files changed, 7 insertions, 2 deletions

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index a16fe05c44..327cda900b 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.76 2024/11/02 15:58:49 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.77 2024/11/03 13:53:14 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -1001,9 +1001,14 @@ int
 EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
     BIGNUM *x, BIGNUM *y, BN_CTX *ctx_in)
 {
-        BN_CTX *ctx;
+        BN_CTX *ctx = NULL;
         int ret = 0;
 
+        if (EC_POINT_is_at_infinity(group, point) > 0) {
+                ECerror(EC_R_POINT_AT_INFINITY);
+                goto err;
+        }
+
         if ((ctx = ctx_in) == NULL)
                 ctx = BN_CTX_new();
         if (ctx == NULL)