[openssl-users] EC_KEY_check_key
Jakob Bohm
jb-openssl at wisemo.com
Mon Nov 5 20:27:00 UTC 2018
On 05/11/2018 07:20, Thulasi Goriparthi wrote:
>>> For such tests, it's always better safe than sorry.
>
> Not sure, if repeating the same test (or the test of the same value)
> would add any safety.
>
The safety is in avoiding creating some situation where its tested
zero times because each test assumes the other test does it.
> On Fri, 2 Nov 2018 at 16:53, Jakob Bohm via openssl-users
> <openssl-users at openssl.org> wrote:
>>
>> On 02/11/2018 08:50, Thulasi Goriparthi wrote:
>>> Hi,
>>>
>>> I am going through the checks done by EC_KEY_check_key method. I see
>>> the following checks in order.
>>>
>>> 1. Is point at infinity? - reject.
>>> 2. Is point not on curve? reject.
>>> 3. Is point not in the primary subgroup? reject.
>>> 4. If priv key(scalar) available, then check if scalar * G != point.
>>> If so, reject.
>>>
>>> If priv key is available and we do step 4, isn't step 3 redundant? Can
>>> we change this to something like this?
>>>
>>> if (priv key)
>>> step 4
>>> else
>>> step 3
>>
>> For such tests, it's always better safe than sorry.
>>
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users
mailing list