From f826fb1de15ccb33899a2a316904c010c0b1ca00 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Fri, 26 Jun 2015 15:29:29 +0300 Subject: [PATCH] OpenSSL: Handle EC_POINT_is_on_curve() error case Even though this OpenSSL function is documented as returning "1 if point if on the curve and 0 otherwise", it can apparently return -1 on some error cases. Be prepared for that and check explicitly against 1 instead of non-zero. Signed-off-by: Jouni Malinen --- src/crypto/crypto_openssl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 3923b8be4..3703b9360 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -1412,7 +1412,8 @@ int crypto_ec_point_is_at_infinity(struct crypto_ec *e, int crypto_ec_point_is_on_curve(struct crypto_ec *e, const struct crypto_ec_point *p) { - return EC_POINT_is_on_curve(e->group, (const EC_POINT *) p, e->bnctx); + return EC_POINT_is_on_curve(e->group, (const EC_POINT *) p, + e->bnctx) == 1; }