From bbf5f8cad3006aa230ec142b1e8234e17cfc8170 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 3 Nov 2024 13:53:14 +0000
Subject: Move point at infinity check to API boundary

Since we only consider standard affine coordinates, the point at infinity
must be excluded. Check at the API boundary that the point isn't the point
at infinity rather than hiding this check somewhere in a method.

ok jsing
---
 src/lib/libcrypto/ec/ec_lib.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index a16fe05c44..327cda900b 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.76 2024/11/02 15:58:49 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.77 2024/11/03 13:53:14 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -1001,9 +1001,14 @@ int
 EC_POINT_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
     BIGNUM *x, BIGNUM *y, BN_CTX *ctx_in)
 {
-	BN_CTX *ctx;
+	BN_CTX *ctx = NULL;
 	int ret = 0;
 
+	if (EC_POINT_is_at_infinity(group, point) > 0) {
+		ECerror(EC_R_POINT_AT_INFINITY);
+		goto err;
+	}
+
 	if ((ctx = ctx_in) == NULL)
 		ctx = BN_CTX_new();
 	if (ctx == NULL)
-- 
cgit v1.2.3-55-g6feb