OpenSSL  1.0.1c
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros
ec_check.c
Go to the documentation of this file.
1 /* crypto/ec/ec_check.c */
2 /* ====================================================================
3  * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  *
12  * 2. Redistributions in binary form must reproduce the above copyright
13  * notice, this list of conditions and the following disclaimer in
14  * the documentation and/or other materials provided with the
15  * distribution.
16  *
17  * 3. All advertising materials mentioning features or use of this
18  * software must display the following acknowledgment:
19  * "This product includes software developed by the OpenSSL Project
20  * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21  *
22  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23  * endorse or promote products derived from this software without
24  * prior written permission. For written permission, please contact
25  * [email protected].
26  *
27  * 5. Products derived from this software may not be called "OpenSSL"
28  * nor may "OpenSSL" appear in their names without prior written
29  * permission of the OpenSSL Project.
30  *
31  * 6. Redistributions of any form whatsoever must retain the following
32  * acknowledgment:
33  * "This product includes software developed by the OpenSSL Project
34  * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35  *
36  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47  * OF THE POSSIBILITY OF SUCH DAMAGE.
48  * ====================================================================
49  *
50  * This product includes cryptographic software written by Eric Young
51  * ([email protected]). This product includes software written by Tim
52  * Hudson ([email protected]).
53  *
54  */
55 
56 #include "ec_lcl.h"
57 #include <openssl/err.h>
58 
59 int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
60  {
61  int ret = 0;
62  BIGNUM *order;
63  BN_CTX *new_ctx = NULL;
64  EC_POINT *point = NULL;
65 
66  if (ctx == NULL)
67  {
68  ctx = new_ctx = BN_CTX_new();
69  if (ctx == NULL)
70  {
71  ECerr(EC_F_EC_GROUP_CHECK, ERR_R_MALLOC_FAILURE);
72  goto err;
73  }
74  }
75  BN_CTX_start(ctx);
76  if ((order = BN_CTX_get(ctx)) == NULL) goto err;
77 
78  /* check the discriminant */
79  if (!EC_GROUP_check_discriminant(group, ctx))
80  {
81  ECerr(EC_F_EC_GROUP_CHECK, EC_R_DISCRIMINANT_IS_ZERO);
82  goto err;
83  }
84 
85  /* check the generator */
86  if (group->generator == NULL)
87  {
88  ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
89  goto err;
90  }
91  if (!EC_POINT_is_on_curve(group, group->generator, ctx))
92  {
93  ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
94  goto err;
95  }
96 
97  /* check the order of the generator */
98  if ((point = EC_POINT_new(group)) == NULL) goto err;
99  if (!EC_GROUP_get_order(group, order, ctx)) goto err;
100  if (BN_is_zero(order))
101  {
102  ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);
103  goto err;
104  }
105 
106  if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx)) goto err;
107  if (!EC_POINT_is_at_infinity(group, point))
108  {
109  ECerr(EC_F_EC_GROUP_CHECK, EC_R_INVALID_GROUP_ORDER);
110  goto err;
111  }
112 
113  ret = 1;
114 
115 err:
116  if (ctx != NULL)
117  BN_CTX_end(ctx);
118  if (new_ctx != NULL)
119  BN_CTX_free(new_ctx);
120  if (point)
121  EC_POINT_free(point);
122  return ret;
123  }
Generated on Thu Jan 10 2013 09:53:36 for OpenSSL by   doxygen 1.8.2