* compressed coordinates. Uses algorithm 2.3.4 of SEC 1.
* Note that the simple implementation only uses affine coordinates.
*
- * This algorithm is patented by Certicom Corp. under US Patent 6,141,420.
+ * This algorithm is patented by Certicom Corp. under US Patent 6,141,420
+ * (for licensing information, contact licensing@certicom.com).
* This function is disabled by default and can be enabled by defining the
* preprocessor macro OPENSSL_EC_BIN_PT_COMP at Configure-time.
*/
BIGNUM *tmp, *x, *y, *z;
int ret = 0, z0;
+ /* clear error queue */
+ ERR_clear_error();
+
if (ctx == NULL)
{
ctx = new_ctx = BN_CTX_new();
if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx)) goto err;
if (!BN_GF2m_add(tmp, &group->a, tmp)) goto err;
if (!BN_GF2m_add(tmp, x, tmp)) goto err;
- if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx)) goto err;
+ if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx))
+ {
+ unsigned long err = ERR_peek_last_error();
+
+ if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NO_SOLUTION)
+ {
+ ERR_clear_error();
+ ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT);
+ }
+ else
+ ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB);
+ goto err;
+ }
z0 = (BN_is_odd(z)) ? 1 : 0;
if (!group->meth->field_mul(group, y, x, z, ctx)) goto err;
if (z0 != y_bit)
projects / oweals / openssl.git / blobdiff