Fix multiply by zero in gcry_mpi_ec_mul.

* mpi/ec.c (_gcry_mpi_ec_mul_point): Handle case of SCALAR == 0.
* tests/t-mpi-point.c (basic_ec_math): Add a test case for this.

Signed-off-by: Werner Koch <wk@wheatstone.g10code.de>

1 files changed, 17 insertions, 4 deletions

diff --git a/mpi/ec.c b/mpi/ec.c
index 5d2f5c92..8fb47a30 100644
--- a/mpi/ec.c
+++ b/mpi/ec.c
@@ -977,10 +977,23 @@ _gcry_mpi_ec_mul_point (mpi_point_t result,
 
   mpi_mul (h, k, mpi_const (MPI_C_THREE)); /* h = 3k */
   loops = mpi_get_nbits (h);
-
-  mpi_set (result->x, point->x);
-  mpi_set (result->y, yy); mpi_free (yy); yy = NULL;
-  mpi_set (result->z, point->z);
+  if (loops < 2)
+    {
+      /* If SCALAR is zero, the above mpi_mul sets H to zero and thus
+         LOOPs will be zero.  To avoid an underflow of I in the main
+         loop we set LOOP to 2 and the result to (0,0,0).  */
+      loops = 2;
+      mpi_clear (result->x);
+      mpi_clear (result->y);
+      mpi_clear (result->z);
+    }
+  else
+    {
+      mpi_set (result->x, point->x);
+      mpi_set (result->y, yy);
+      mpi_set (result->z, point->z);
+    }
+  mpi_free (yy); yy = NULL;
 
   p1.x = x1; x1 = NULL;
   p1.y = y1; y1 = NULL;