Multiplication by negative is now forbidden

include/polarssl/ecp.h

@@ -201,6 +201,7 @@ int ecp_add( const ecp_group *grp, ecp_point *R,
  *
  * \return          0 if successful,
  *                  POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
+ *                  POLARSSL_ERR_ECP_GENERIC if m < 0
  */
 int ecp_mul( const ecp_group *grp, ecp_point *R,
              const mpi *m, const ecp_point *P );

library/ecp.c

@@ -709,19 +709,24 @@ cleanup:
 }
 
 /*
- * Integer multiplication: R = m * P (GECC 5.7, SPA-resistant variant)
+ * Integer multiplication: R = m * P (GECC 5.7, SPA-resistant)
  */
 int ecp_mul( const ecp_group *grp, ecp_point *R,
              const mpi *m, const ecp_point *P )
 {
-    int ret;
+    int ret, cmp;
     size_t pos;
     ecp_ptjac Q[2];
 
+    cmp = mpi_cmp_int( m, 0 );
+
+    if( cmp < 0 )
+        return( POLARSSL_ERR_ECP_GENERIC );
+
     /*
-     * The general method works only for m >= 1
+     * The general method works only for m != 0
      */
-    if( mpi_cmp_int( m, 0 ) == 0 ) {
+    if( cmp == 0 ) {
         ecp_set_zero( R );
         return( 0 );
     }

tests/suites/test_suite_ecp.data

@@ -22,47 +22,50 @@ ecp_small_add:0:"37":"31":0:"37":"31":0:21:32
 ECP small addition #8
 ecp_small_add:0:"14":"11":0:"14":"11":0:27:30
 
+ECP small multiplication negative
+ecp_small_mul:-1:0:0:0:POLARSSL_ERR_ECP_GENERIC
+
 ECP small multiplication #0
-ecp_small_mul:0:1:0:0
+ecp_small_mul:0:1:0:0:0
 
 ECP small multiplication #1
-ecp_small_mul:1:0:17:42
+ecp_small_mul:1:0:17:42:0
 
 ECP small multiplication #2
-ecp_small_mul:2:0:20:01
+ecp_small_mul:2:0:20:01:0
 
 ECP small multiplication #3
-ecp_small_mul:3:0:14:11
+ecp_small_mul:3:0:14:11:0
 
 ECP small multiplication #4
-ecp_small_mul:4:0:34:33
+ecp_small_mul:4:0:34:33:0
 
 ECP small multiplication #5
-ecp_small_mul:5:0:21:32
+ecp_small_mul:5:0:21:32:0
 
 ECP small multiplication #6
-ecp_small_mul:6:0:27:30
+ecp_small_mul:6:0:27:30:0
 
 ECP small multiplication #7
-ecp_small_mul:7:0:27:17
+ecp_small_mul:7:0:27:17:0
 
 ECP small multiplication #8
-ecp_small_mul:8:0:21:15
+ecp_small_mul:8:0:21:15:0
 
 ECP small multiplication #9
-ecp_small_mul:9:0:34:14
+ecp_small_mul:9:0:34:14:0
 
 ECP small multiplication #10
-ecp_small_mul:10:0:14:36
+ecp_small_mul:10:0:14:36:0
 
 ECP small multiplication #11
-ecp_small_mul:11:0:20:46
+ecp_small_mul:11:0:20:46:0
 
 ECP small multiplication #12
-ecp_small_mul:12:0:17:05
+ecp_small_mul:12:0:17:05:0
 
 ECP small multiplication #13
-ecp_small_mul:13:1:0:0
+ecp_small_mul:13:1:0:0:0
 
 ECP mod p192 readable
 ecp_fast_mod:SECP192R1:"000000000000010500000000000001040000000000000103000000000000010200000000000001010000000000000100"

tests/suites/test_suite_ecp.function

@@ -54,7 +54,7 @@ ecp_small_add:a_zero:x_a:y_a:b_zero:x_b:y_b:c_zero:x_c:y_c
 END_CASE
 
 BEGIN_CASE
-ecp_small_mul:m:r_zero:x_r:y_r
+ecp_small_mul:m:r_zero:x_r:y_r:ret
 {
     ecp_group grp;
     ecp_point R;
@@ -69,7 +69,7 @@ ecp_small_mul:m:r_zero:x_r:y_r
 
     TEST_ASSERT( mpi_lset( &m, {m} ) == 0 );
 
-    TEST_ASSERT( ecp_mul( &grp, &R, &m, &grp.G ) == 0 );
+    TEST_ASSERT( ecp_mul( &grp, &R, &m, &grp.G ) == {ret} );
 
     if( {r_zero} )
         TEST_ASSERT( R.is_zero );