From d14398e8250d525c82217dec47102cf942e39f8b Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 3 Nov 2024 13:53:14 +0000
Subject: Move point at infinity check to API boundary

Since we only consider standard affine coordinates, the point at infinity
must be excluded. Check at the API boundary that the point isn't the point
at infinity rather than hiding this check somewhere in a method.

ok jsing
---
 src/lib/libcrypto/ec/ec_lib.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index a16fe05c44..327cda900b 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.76 2024/11/02 15:58:49 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.77 2024/11/03 13:53:14 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -1001,9 +1001,14 @@ int
 EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
     BIGNUM *x, BIGNUM *y, BN_CTX *ctx_in)
 {
-	BN_CTX *ctx;
+	BN_CTX *ctx = NULL;
 	int ret = 0;
 
+	if (EC_POINT_is_at_infinity(group, point) > 0) {
+		ECerror(EC_R_POINT_AT_INFINITY);
+		goto err;
+	}
+
 	if ((ctx = ctx_in) == NULL)
 		ctx = BN_CTX_new();
 	if (ctx == NULL)
-- 
cgit v1.2.3-55-g6feb