Correctly detect b < a in BN_usub().

BN_usub() requires that a >= b and should return an error in the case that b < a. This is currently only detected by checking the number of words in a versus b - if they have the same number of words, the top word is not checked and b < a, which then succeeds and produces an incorrect result. Fix this by checking for the case where a and b have an equal number of words, yet there is a borrow returned from bn_sub_words(). ok miod@ tb@
author: jsing <> 2023-01-31 05:16:52 +0000
committer: jsing <> 2023-01-31 05:16:52 +0000
commit: 1577bb088bd6ac8a2578ab2e8af7f0ed8cbb1584 (patch)
tree: 89342ff559044bab73963cc74c1c24831e4c6592 /src/lib/libcrypto/man
parent: 8c50252c9c3391d1cd80957def3445109748b50d (diff)
download: openbsd-1577bb088bd6ac8a2578ab2e8af7f0ed8cbb1584.tar.gz
openbsd-1577bb088bd6ac8a2578ab2e8af7f0ed8cbb1584.tar.bz2
openbsd-1577bb088bd6ac8a2578ab2e8af7f0ed8cbb1584.zip
1 files changed, 3 insertions, 4 deletions
diff --git a/src/lib/libcrypto/man/BN_add.3 b/src/lib/libcrypto/man/BN_add.3
index c87514721a..a06b8af31c 100644
--- a/src/lib/libcrypto/man/BN_add.3
+++ b/src/lib/libcrypto/man/BN_add.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: BN_add.3,v 1.17 2022/11/16 14:19:22 schwarze Exp $
+.\" $OpenBSD: BN_add.3,v 1.18 2023/01/31 05:16:52 jsing Exp $
 .\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
 .\"
 .\" This file is a derived work.
@@ -66,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 16 2022 $
+.Dd $Mdocdate: January 31 2023 $
 .Dt BN_ADD 3
 .Os
 .Sh NAME
@@ -318,8 +318,7 @@ It requires the absolute value of
 .Fa a
 to be greater than the absolute value of
 .Fa b ;
-otherwise, it will sometimes fail
+otherwise it will fail.
-and sometimes silently produce wrong results.
 .Fa r
 may be the same
 .Vt BIGNUM
author	jsing <>	2023-01-31 05:16:52 +0000
committer	jsing <>	2023-01-31 05:16:52 +0000
commit	1577bb088bd6ac8a2578ab2e8af7f0ed8cbb1584 (patch)
tree	89342ff559044bab73963cc74c1c24831e4c6592 /src/lib/libcrypto/man
parent	8c50252c9c3391d1cd80957def3445109748b50d (diff)
download	openbsd-1577bb088bd6ac8a2578ab2e8af7f0ed8cbb1584.tar.gz openbsd-1577bb088bd6ac8a2578ab2e8af7f0ed8cbb1584.tar.bz2 openbsd-1577bb088bd6ac8a2578ab2e8af7f0ed8cbb1584.zip

diff --git a/src/lib/libcrypto/man/BN_add.3 b/src/lib/libcrypto/man/BN_add.3 index c87514721a..a06b8af31c 100644 --- a/src/lib/libcrypto/man/BN_add.3 +++ b/src/lib/libcrypto/man/BN_add.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: BN_add.3,v 1.17 2022/11/16 14:19:22 schwarze Exp $	1	.\" $OpenBSD: BN_add.3,v 1.18 2023/01/31 05:16:52 jsing Exp $
2	.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100	2	.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
3	.\"	3	.\"
4	.\" This file is a derived work.	4	.\" This file is a derived work.
@@ -66,7 +66,7 @@
66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
68	.\"	68	.\"
69	.Dd $Mdocdate: November 16 2022 $	69	.Dd $Mdocdate: January 31 2023 $
70	.Dt BN_ADD 3	70	.Dt BN_ADD 3
71	.Os	71	.Os
72	.Sh NAME	72	.Sh NAME
@@ -318,8 +318,7 @@ It requires the absolute value of
318	.Fa a	318	.Fa a
319	to be greater than the absolute value of	319	to be greater than the absolute value of
320	.Fa b ;	320	.Fa b ;
321	otherwise, it will sometimes fail	321	otherwise it will fail.
322	and sometimes silently produce wrong results.
323	.Fa r	322	.Fa r
324	may be the same	323	may be the same
325	.Vt BIGNUM	324	.Vt BIGNUM