From 5701ad0e385dd88700fb100c0ea01cabe49716bb Mon Sep 17 00:00:00 2001
From: tb <>
Date: Tue, 7 Feb 2023 09:00:48 +0000
Subject: libcrypto/ec: another missing point-on-curve check

Unlike in the affine/compressed/... cases, when setting projective
coordinates of an elliptic curve point, there is no check whether
the point is actually on the curve.

Pointed out by Guido Vranken

ok beck miod
---
 src/lib/libcrypto/ec/ec_lib.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index 5ad535f7ec..2a99f8d490 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.47 2022/11/26 16:08:52 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.48 2023/02/07 09:00:48 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -949,8 +949,14 @@ EC_POINT_set_Jprojective_coordinates(const EC_GROUP *group, EC_POINT *point,
 		ECerror(EC_R_INCOMPATIBLE_OBJECTS);
 		return 0;
 	}
-	return group->meth->point_set_Jprojective_coordinates(group, point,
-	    x, y, z, ctx);
+	if (!group->meth->point_set_Jprojective_coordinates(group, point,
+	    x, y, z, ctx))
+		return 0;
+	if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
+		ECerror(EC_R_POINT_IS_NOT_ON_CURVE);
+		return 0;
+	}
+	return 1;
 }
 
 int
-- 
cgit v1.2.3-55-g6feb