From 84a2ca7a4ec14589a197adf6b5a595a72200dd6d Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Thu, 28 Nov 2019 13:05:36 +0100
Subject: [PATCH] Map the Jacobian point back to affine space in
 wolfSSL_EC_POINT_get_affine_coordinates_GFp

---
 src/ssl.c           | 24 +++++++++++++++++++++++-
 tests/api.c         |  5 +++++
 wolfcrypt/src/ecc.c |  2 +-
 3 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 16e7e9fd0..f20ec0a8b 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -34413,12 +34413,14 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
                                                 WOLFSSL_BIGNUM *y,
                                                 WOLFSSL_BN_CTX *ctx)
 {
+    mp_digit mp;
+    mp_int modulus;
     (void)ctx;
 
     WOLFSSL_ENTER("wolfSSL_EC_POINT_get_affine_coordinates_GFp");
 
     if (group == NULL || point == NULL || point->internal == NULL ||
-        x == NULL || y == NULL) {
+        x == NULL || y == NULL || wolfSSL_EC_POINT_is_at_infinity(group, point)) {
         WOLFSSL_MSG("wolfSSL_EC_POINT_get_affine_coordinates_GFp NULL error");
         return WOLFSSL_FAILURE;
     }
@@ -34432,6 +34434,26 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
         }
     }
 
+    if (!wolfSSL_BN_is_one(point->Z)) {
+        /* Map the Jacobian point back to affine space */
+        if (mp_read_radix(&modulus, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX) != MP_OKAY) {
+            WOLFSSL_MSG("mp_read_radix failed");
+            return WOLFSSL_FAILURE;
+        }
+        if (mp_montgomery_setup(&modulus, &mp) != MP_OKAY) {
+            WOLFSSL_MSG("mp_montgomery_setup failed");
+            return WOLFSSL_FAILURE;
+        }
+        if (ecc_map((ecc_point*)point->internal, &modulus, mp) != MP_OKAY) {
+            WOLFSSL_MSG("ecc_map failed");
+            return WOLFSSL_FAILURE;
+        }
+        if (SetECPointExternal((WOLFSSL_EC_POINT *)point) != WOLFSSL_SUCCESS) {
+            WOLFSSL_MSG("SetECPointExternal failed");
+            return WOLFSSL_FAILURE;
+        }
+    }
+
     BN_copy(x, point->X);
     BN_copy(y, point->Y);
 
diff --git a/tests/api.c b/tests/api.c
index c044f7a4f..107d8b802 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -1825,6 +1825,11 @@ static void test_wolfSSL_EC(void)
     /* check if point X coordinate is zero */
     AssertIntEQ(BN_is_zero(new_point->X), WOLFSSL_FAILURE);
 
+    /* Force non-affine coordinates */
+    AssertIntEQ(wolfSSL_BN_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
+                                             (WOLFSSL_BIGNUM*)BN_value_one()), 1);
+    new_point->inSet = 0;
+
     /* extract the coordinates from point */
     AssertIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y, ctx), WOLFSSL_SUCCESS);
 
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index cedabc53b..31c4090fc 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -2281,7 +2281,7 @@ int ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* a,
 
 
 /**
-  Map a projective jacbobian point back to affine space
+  Map a projective Jacobian point back to affine space
   P        [in/out] The point to map
   modulus  The modulus of the field the ECC curve is in
   mp       The "b" value from montgomery_setup()