Correct sign handling in BN_add_word().

A sign handling bug was introduced to BN_add_word() in bn_word.c r1.18.
When handling addition to a negative bignum, the BN_sub_word() call can
result in the sign being flipped, which we need to account for. Use the
same code in BN_sub_word() - while not technically needed here it keeps
the code consistent.

Issue discovered by tb@

ok tb@

1 files changed, 3 insertions, 3 deletions

diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c
index a44221c35f..c900f9ee2e 100644
--- a/src/lib/libcrypto/bn/bn_word.c
+++ b/src/lib/libcrypto/bn/bn_word.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_word.c,v 1.18 2023/02/13 04:25:37 jsing Exp $ */
+/* $OpenBSD: bn_word.c,v 1.19 2023/03/11 14:13:11 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -152,7 +152,7 @@ BN_add_word(BIGNUM *a, BN_ULONG w)
         if (a->neg) {
                 a->neg = 0;
                 i = BN_sub_word(a, w);
-                BN_set_negative(a, 1);
+                BN_set_negative(a, !a->neg);
                 return (i);
         }
         for (i = 0; w != 0 && i < a->top; i++) {
@@ -189,7 +189,7 @@ BN_sub_word(BIGNUM *a, BN_ULONG w)
         if (a->neg) {
                 a->neg = 0;
                 i = BN_add_word(a, w);
-                BN_set_negative(a, 1);
+                BN_set_negative(a, !a->neg);
                 return (i);
         }