Bug 836562: Use Horner's rule to calculate the elliptic curve polynomial in

ec_GFp_validate_point. r=agl.
author: wtc%google.com <devnull@localhost> 2013-02-01 03:42:09 +0000
committer: wtc%google.com <devnull@localhost> 2013-02-01 03:42:09 +0000
commit: e803b3a09b9961c806b4e447068811e5f7bb4c81 (patch)
tree: bc90c7d8faa37ba6e767980e85e817c7b64f04b5
parent: 9b7e86ff63026efcf54eb016e21dfaf75e5601c9 (diff)
download: nss-hg-e803b3a09b9961c806b4e447068811e5f7bb4c81.tar.gz
1 files changed, 3 insertions, 4 deletions
diff --git a/security/nss/lib/freebl/ecl/ecp_aff.c b/security/nss/lib/freebl/ecl/ecp_aff.c
index 5ed84e028..92e860448 100644
--- a/security/nss/lib/freebl/ecl/ecp_aff.c
+++ b/security/nss/lib/freebl/ecl/ecp_aff.c
@@ -285,11 +285,10 @@ ec_GFp_validate_point(const mp_int *px, const mp_int *py, const ECGroup *group)
 	}
 	/* left-hand side: y^2  */
 	MP_CHECKOK( group->meth->field_sqr(&pyt, &accl, group->meth) );
-	/* right-hand side: x^3 + a*x + b */
+	/* right-hand side: x^3 + a*x + b = (x^2 + a)*x + b by Horner's rule */
 	MP_CHECKOK( group->meth->field_sqr(&pxt, &tmp, group->meth) );
-	MP_CHECKOK( group->meth->field_mul(&pxt, &tmp, &accr, group->meth) );
-	MP_CHECKOK( group->meth->field_mul(&group->curvea, &pxt, &tmp, group->meth) );
-	MP_CHECKOK( group->meth->field_add(&tmp, &accr, &accr, group->meth) );
+	MP_CHECKOK( group->meth->field_add(&tmp, &group->curvea, &tmp, group->meth) );
+	MP_CHECKOK( group->meth->field_mul(&tmp, &pxt, &accr, group->meth) );
 	MP_CHECKOK( group->meth->field_add(&accr, &group->curveb, &accr, group->meth) );
 	/* check LHS - RHS == 0 */
 	MP_CHECKOK( group->meth->field_sub(&accl, &accr, &accr, group->meth) );
author	wtc%google.com <devnull@localhost>	2013-02-01 03:42:09 +0000
committer	wtc%google.com <devnull@localhost>	2013-02-01 03:42:09 +0000
commit	e803b3a09b9961c806b4e447068811e5f7bb4c81 (patch)
tree	bc90c7d8faa37ba6e767980e85e817c7b64f04b5
parent	9b7e86ff63026efcf54eb016e21dfaf75e5601c9 (diff)
download	nss-hg-e803b3a09b9961c806b4e447068811e5f7bb4c81.tar.gz