+ crypto_core_ed25519_is_valid_point()

dist-build/emscripten-symbols.def

@@ -145,6 +145,7 @@ _crypto_box_seedbytes 1 1
 _crypto_box_zerobytes 0 1
 _crypto_core_ed25519_add 0 1
 _crypto_core_ed25519_sub 0 1
+_crypto_core_ed25519_is_valid_point 0 1
 _crypto_core_hchacha20 1 1
 _crypto_core_hchacha20_constbytes 1 1
 _crypto_core_hchacha20_inputbytes 1 1

src/libsodium/crypto_core/ed25519/core_ed25519.c

@@ -3,6 +3,21 @@
 #include "private/common.h"
 #include "private/ed25519_ref10.h"
 
+int
+crypto_core_ed25519_is_valid_point(const unsigned char *p)
+{
+    ge25519_p3 p_p3;
+
+    if (ge25519_is_canonical(p) == 0 ||
+        ge25519_has_small_order(p) != 0 ||
+        ge25519_frombytes(&p_p3, p) != 0 ||
+        ge25519_is_on_curve(&p_p3) == 0 ||
+        ge25519_is_on_main_subgroup(&p_p3) == 0) {
+        return -1;
+    }
+    return 0;
+}
+
 int
 crypto_core_ed25519_add(unsigned char *r,
                         const unsigned char *p, const unsigned char *q)

src/libsodium/include/sodium/crypto_core_ed25519.h

@@ -8,6 +8,9 @@
 extern "C" {
 #endif
 
+SODIUM_EXPORT
+int crypto_core_ed25519_is_valid_point(const unsigned char *p);
+
 SODIUM_EXPORT
 int crypto_core_ed25519_add(unsigned char *r,
                             const unsigned char *p, const unsigned char *q);