Add ec_group_and_point_compatible() helper

Check that a given group and point are reasonably compatible. First see
if they use the same method. Compare nids if both have nid != NID_undef.

ok jsing kenjiro

2 files changed, 13 insertions, 2 deletions

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index b31c132a77..b3d3c4ca71 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.127 2025/12/26 18:41:05 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.128 2025/12/26 18:42:33 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -792,6 +792,16 @@ EC_GROUP_cmp(const EC_GROUP *group1, const EC_GROUP *group2, BN_CTX *ctx_in)
 }
 LCRYPTO_ALIAS(EC_GROUP_cmp);
 
+int
+ec_group_and_point_compatible(const EC_GROUP *group, const EC_POINT *point)
+{
+        if (group->meth != point->meth)
+                return 0;
+        if (group->nid == NID_undef || point->nid == NID_undef)
+                return 1;
+        return group->nid == point->nid;
+}
+
 EC_POINT *
 EC_POINT_new(const EC_GROUP *group)
 {
diff --git a/src/lib/libcrypto/ec/ec_local.h b/src/lib/libcrypto/ec/ec_local.h
index 933fd98f14..d84e92767c 100644
--- a/src/lib/libcrypto/ec/ec_local.h
+++ b/src/lib/libcrypto/ec/ec_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_local.h,v 1.72 2025/12/26 18:41:05 tb Exp $ */
+/* $OpenBSD: ec_local.h,v 1.73 2025/12/26 18:42:33 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -196,6 +196,7 @@ int ec_wnaf_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar1,
     BN_CTX *ctx);
 
 int ec_group_is_builtin_curve(const EC_GROUP *group, int *out_nid);
+int ec_group_and_point_compatible(const EC_GROUP *group, const EC_POINT *point);
 
 /*
  * Wrappers around the unergonomic EC_POINT_{oct2point,point2oct}().