secp112r2 blinded_var_point_multiply incorrect result #3800
Description
#include <botan/system_rng.h>
#include <botan/ecdsa.h>
#include <iostream>
#include <vector>
int main(void)
{
Botan::System_RNG rng;
const Botan::BigInt P("4451685225093714772084598273548427");
{
const Botan::OID secp112r2_oid("1.3.132.0.7");
const Botan::EC_Group secp112r2(
P,
Botan::BigInt("1970543761890640310119143205433388"),
Botan::BigInt("1660538572255285715897238774208265"),
Botan::BigInt("1534098225527667214992304222930499"),
Botan::BigInt("3525120595527770847583704454622871"),
Botan::BigInt("1112921306273428674967732714786891"),
4,
secp112r2_oid);
Botan::OID::register_oid(secp112r2_oid, "secp112r2");
if ( !secp112r2.verify_group(rng) ) {
abort();
}
}
Botan::EC_Group group("secp112r2");
const Botan::BigInt x("3225931648031205307486810278534413");
const Botan::BigInt y("1220423137799363804926043977846677");
const Botan::BigInt scalar("10000000600000379007");
const Botan::PointGFp point = group.point(x, y);
std::vector<Botan::BigInt> ws(Botan::PointGFp::WORKSPACE_SIZE);
const Botan::PointGFp res = group.blinded_var_point_multiply(point, scalar, rng, ws);
/* Regular scalar multiplication */
//const Botan::PointGFp res = point * scalar;
std::cout << res.get_affine_x().to_dec_string() << std::endl;
std::cout << res.get_affine_y().to_dec_string() << std::endl;
return 0;
}This will sometimes print:
2197327064432923199574773159375907
1438700446997857257741718818607422
but it should print:
1054952879406896583239639924747045
2135042385550538484966259261096670
Maybe secp112r2/custom curves are not compatible with blinded_var_point_multiply? Though ideally it should throw an exception then.