upstream commit

add a comment about implicitly-expected checks to sshkey_ec_validate_public() Upstream-ID: 74a7f71c28f7c13a50f89fc78e7863b9cd61713f
author: djm@openbsd.org <djm@openbsd.org> 2016-10-04 21:34:40 +0000
committer: Damien Miller <djm@mindrot.org> 2016-10-06 06:00:43 +1100
commit: a571dbcc7b7b25371174569b13df5159bc4c6c7a (patch)
tree: dbf224dbb641b4295c44708466c30ac9b83bc3f8 /sshkey.c
parent: 2f78a2a698f4222f8e05cad57ac6e0c3d1faff00 (diff)
1 files changed, 9 insertions, 1 deletions
diff --git a/sshkey.c b/sshkey.c
index f7197726c..25a360b7b 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.39 2016/09/26 21:16:11 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.40 2016/10/04 21:34:40 djm Exp $ */
 /*
 * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
 * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -2864,6 +2864,14 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public)
        BIGNUM *order, *x, *y, *tmp;
        int ret = SSH_ERR_KEY_INVALID_EC_VALUE;
+        /*
+         * NB. This assumes OpenSSL has already verified that the public
+         * point lies on the curve. This is done by EC_POINT_oct2point()
+         * implicitly calling EC_POINT_is_on_curve(). If this code is ever
+         * reachable with public points not unmarshalled using
+         * EC_POINT_oct2point then the caller will need to explicitly check.
+         */
        if ((bnctx = BN_CTX_new()) == NULL)
                return SSH_ERR_ALLOC_FAIL;
        BN_CTX_start(bnctx);
author	djm@openbsd.org <djm@openbsd.org>	2016-10-04 21:34:40 +0000
committer	Damien Miller <djm@mindrot.org>	2016-10-06 06:00:43 +1100
commit	a571dbcc7b7b25371174569b13df5159bc4c6c7a (patch)
tree	dbf224dbb641b4295c44708466c30ac9b83bc3f8 /sshkey.c
parent	2f78a2a698f4222f8e05cad57ac6e0c3d1faff00 (diff)