Commit b43ad531 authored by Nicola Tuveri's avatar Nicola Tuveri Committed by Matt Caswell
Browse files

Move up check for EC_R_INCOMPATIBLE_OBJECTS and for the point at infinity case 



Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6009)

(cherry picked from commit 736b31e5)
parent f916a735

crypto/ec/ec_mult.c

+9 −9
Original line number Diff line number Diff line
@@ -376,6 +376,15 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, 
                                 * precomputation is not available */

    int ret = 0;



    if (group->meth != r->meth) {

        ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);

        return 0;

    }



    if ((scalar == NULL) && (num == 0)) {

        return EC_POINT_set_to_infinity(group, r);

    }



    /*-

     * Handle the common cases where the scalar is secret, enforcing a constant

     * time scalar multiplication algorithm.
@@ -402,15 +411,6 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, 
        return ec_mul_consttime(group, r, scalars[0], points[0], ctx);

    }



    if (group->meth != r->meth) {

        ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);

        return 0;

    }



    if ((scalar == NULL) && (num == 0)) {

        return EC_POINT_set_to_infinity(group, r);

    }



    for (i = 0; i < num; i++) {

        if (group->meth != points[i]->meth) {

            ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);