From 1ccdb13a7c47a89dac65e1db5961c4fd0cd59940 Mon Sep 17 00:00:00 2001
From: mdw <mdw>
Date: Wed, 3 Nov 2004 10:42:15 +0000
Subject: [PATCH] Bug fix in prime curve doubling: if 2 P = O then it
 erroneously returned P instead of O.

---
 ec-prime.c | 12 +++---------
 tests/ec   | 10 +++++++++-
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/ec-prime.c b/ec-prime.c
index c146931..dc299fb 100644
--- a/ec-prime.c
+++ b/ec-prime.c
@@ -68,10 +68,8 @@ static ec *ecfind(ec_curve *c, ec *d, mp *x)
 
 static ec *ecdbl(ec_curve *c, ec *d, const ec *a)
 {
-  if (EC_ATINF(a))
+  if (EC_ATINF(a) || F_ZEROP(c->f, a->y))
     EC_SETINF(d);
-  else if (F_ZEROP(c->f, a->y))
-    EC_COPY(d, a);
   else {
     field *f = c->f;
     mp *lambda;
@@ -102,10 +100,8 @@ static ec *ecdbl(ec_curve *c, ec *d, const ec *a)
 
 static ec *ecprojdbl(ec_curve *c, ec *d, const ec *a)
 {
-  if (EC_ATINF(a))
+  if (EC_ATINF(a) || F_ZEROP(c->f, a->y))
     EC_SETINF(d);
-  else if (F_ZEROP(c->f, a->y))
-    EC_COPY(d, a);
   else {
     field *f = c->f;
     mp *p, *q, *m, *s, *dx, *dy, *dz;
@@ -146,10 +142,8 @@ static ec *ecprojdbl(ec_curve *c, ec *d, const ec *a)
 
 static ec *ecprojxdbl(ec_curve *c, ec *d, const ec *a)
 {
-  if (EC_ATINF(a))
+  if (EC_ATINF(a) || F_ZEROP(c->f, a->y))
     EC_SETINF(d);
-  else if (F_ZEROP(c->f, a->y))
-    EC_COPY(d, a);
   else {
     field *f = c->f;
     mp *p, *q, *m, *s, *dx, *dy, *dz;
diff --git a/tests/ec b/tests/ec
index aba2b58..61f78e0 100644
--- a/tests/ec
+++ b/tests/ec
@@ -1,4 +1,4 @@
-# $Id: ec,v 1.3 2004/03/27 17:54:12 mdw Exp $
+# $Id$
 #
 # Elliptic curve tests
 
@@ -198,6 +198,9 @@ neg {
 }
 
 dbl {
+  "prime: 23 prime: 1, 1" "4, 0" inf;
+  "prime: 23 primeproj: 1, 1" "4, 0" inf;
+
   "prime: 6277101735386680763835789423207666416083908700390324961279
      prime: -3, 0x64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1"
     "0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012,
@@ -351,6 +354,11 @@ sub {
 }
 
 mul {
+  "prime: 23 prime: 1, 1" "0, 1" 28 inf;
+  "prime: 23 prime: 1, 1" "0, 1" 29 "0, 1";
+  "prime: 23 primeproj: 1, 1" "0, 1" 28 inf;
+  "prime: 23 primeproj: 1, 1" "0, 1" 29 "0, 1";
+
   "prime: 6277101735386680763835789423207666416083908700390324961279
      prime: -3, 0x64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1"
      "0x188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012,
-- 
2.11.0