eccref.py: handle order-2 points in Montgomery curves.

If a point doubles to the identity, we should return the identity, rather than throwing a Python divide-by-zero exception.
2025-01-09 17:38:00 +00:00 · 2020-02-26 19:23:03 +00:00 · 2020-02-26 19:23:03 +00:00 · 0645824e4d
commit 0645824e4d
parent 027f1c67ec
1 changed files with 5 additions and 1 deletions
--- a/test/eccref.py
+++ b/test/eccref.py
@ -316,9 +316,13 @@ class MontgomeryCurve(CurveBase):
            xdiff = x2-x1
            if xdiff != 0:
                slope = (y2-y1) / xdiff
-            else:
+            elif y1 != 0:
                assert y1 == y2
                slope = (3*x1*x1 + 2*self.curve.a*x1 + 1) / (2*self.curve.b*y1)
+            else:
+                # If y1 was 0 as well, then we must have found an
+                # order-2 point that doubles to the identity.
+                return self.curve.point()
            xp = self.curve.b*slope*slope - self.curve.a - x1 - x2
            yp = -(y1 + slope * (xp-x1))
            return self.curve.point(xp, yp)