1 files changed, 15 insertions, 14 deletions
diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c
index 8514f23a27..de4f351d02 100644
--- a/src/lib/libcrypto/bn/bn_sqrt.c
+++ b/src/lib/libcrypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_sqrt.c,v 1.9 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: bn_sqrt.c,v 1.9.16.1 2022/03/15 15:55:07 tb Exp $ */
 /* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
 * and Bodo Moeller for the OpenSSL project. */
 /* ====================================================================
@@ -351,21 +351,22 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
                        goto vrfy;
                }
+                /* Find the smallest i with 0 < i < e such that b^(2^i) = 1. */
-                /* find smallest  i  such that  b^(2^i) = 1 */
+                for (i = 1; i < e; i++) {
-                i = 1;
+                        if (i == 1) {
-                if (!BN_mod_sqr(t, b, p, ctx))
+                                if (!BN_mod_sqr(t, b, p, ctx))
-                        goto end;
+                                        goto end;
-                while (!BN_is_one(t)) {
+                        } else {
-                        i++;
+                                if (!BN_mod_sqr(t, t, p, ctx))
-                        if (i == e) {
+                                        goto end;
-                                BNerror(BN_R_NOT_A_SQUARE);
-                                goto end;
                        }
-                        if (!BN_mod_mul(t, t, t, p, ctx))
+                        if (BN_is_one(t))
-                                goto end;
+                                break;
+                }
+                if (i >= e) {
+                        BNerror(BN_R_NOT_A_SQUARE);
+                        goto end;
                }
                /* t := y^2^(e - i - 1) */
                if (!BN_copy(t, y))

diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c index 8514f23a27..de4f351d02 100644 --- a/src/lib/libcrypto/bn/bn_sqrt.c +++ b/src/lib/libcrypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_sqrt.c,v 1.9 2017/01/29 17:49:22 beck Exp $ */	1	/* $OpenBSD: bn_sqrt.c,v 1.9.16.1 2022/03/15 15:55:07 tb Exp $ */
2	/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>	2	/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3	* and Bodo Moeller for the OpenSSL project. */	3	* and Bodo Moeller for the OpenSSL project. */
4	/* ====================================================================	4	/* ====================================================================
@@ -351,21 +351,22 @@ BN_mod_sqrt(BIGNUM in, const BIGNUM a, const BIGNUM p, BN_CTX ctx)
351	goto vrfy;	351	goto vrfy;
352	}	352	}
353		353
354		354	/* Find the smallest i with 0 < i < e such that b^(2^i) = 1. */
355	/* find smallest i such that b^(2^i) = 1 */	355	for (i = 1; i < e; i++) {
356	i = 1;	356	if (i == 1) {
357	if (!BN_mod_sqr(t, b, p, ctx))	357	if (!BN_mod_sqr(t, b, p, ctx))
358	goto end;	358	goto end;
359	while (!BN_is_one(t)) {	359	} else {
360	i++;	360	if (!BN_mod_sqr(t, t, p, ctx))
361	if (i == e) {	361	goto end;
362	BNerror(BN_R_NOT_A_SQUARE);
363	goto end;
364	}	362	}
365	if (!BN_mod_mul(t, t, t, p, ctx))	363	if (BN_is_one(t))
366	goto end;	364	break;
		365	}
		366	if (i >= e) {
		367	BNerror(BN_R_NOT_A_SQUARE);
		368	goto end;
367	}	369	}
368
369		370
370	/* t := y^2^(e - i - 1) */	371	/* t := y^2^(e - i - 1) */
371	if (!BN_copy(t, y))	372	if (!BN_copy(t, y))