handle case where private_value is the point at infinity (#6515)

Previously we raised InternalError, but now we raise a ValueError

2 files changed, 12 insertions, 1 deletions

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 42c08cf8f..652c7eeac 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -1266,7 +1266,9 @@ class Backend(BackendInterface):
             bn_y = self._lib.BN_CTX_get(bn_ctx)
 
             res = get_func(group, point, bn_x, bn_y, bn_ctx)
-            self.openssl_assert(res == 1)
+            if res != 1:
+                self._consume_errors()
+                raise ValueError("Unable to derive key from private_value")
 
         res = self._lib.EC_KEY_set_public_key(ec_cdata, point)
         self.openssl_assert(res == 1)
diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index 0bc0952ee..7cb7b01d9 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -129,6 +129,15 @@ def test_derive_private_key_errors(backend):
         ec.derive_private_key(-7, curve, backend)
 
 
+def test_derive_point_at_infinity(backend):
+    curve = ec.SECP256R1()
+    _skip_curve_unsupported(backend, curve)
+    # order of the curve
+    q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
+    with pytest.raises(ValueError, match="Unable to derive"):
+        ec.derive_private_key(q, ec.SECP256R1())
+
+
 def test_ec_numbers():
     numbers = ec.EllipticCurvePrivateNumbers(
         1, ec.EllipticCurvePublicNumbers(2, 3, DummyCurve())