summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/bn/bn_sqrt.c15
1 files changed, 7 insertions, 8 deletions
diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c
index 4b9638b6dc..644797d667 100644
--- a/src/lib/libcrypto/bn/bn_sqrt.c
+++ b/src/lib/libcrypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_sqrt.c,v 1.10 2022/03/15 15:52:39 tb Exp $ */ 1/* $OpenBSD: bn_sqrt.c,v 1.11 2022/06/20 15:02:21 tb Exp $ */
2/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> 2/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3 * and Bodo Moeller for the OpenSSL project. */ 3 * and Bodo Moeller for the OpenSSL project. */
4/* ==================================================================== 4/* ====================================================================
@@ -217,8 +217,9 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
217 217
218 /* e > 2, so we really have to use the Tonelli/Shanks algorithm. 218 /* e > 2, so we really have to use the Tonelli/Shanks algorithm.
219 * First, find some y that is not a square. */ 219 * First, find some y that is not a square. */
220 if (!BN_copy(q, p)) goto end; /* use 'q' as temp */ 220 if (!BN_copy(q, p)) /* use 'q' as temp */
221 q->neg = 0; 221 goto end;
222 q->neg = 0;
222 i = 2; 223 i = 2;
223 do { 224 do {
224 /* For efficiency, try small numbers first; 225 /* For efficiency, try small numbers first;
@@ -253,10 +254,9 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
253 BNerror(BN_R_P_IS_NOT_PRIME); 254 BNerror(BN_R_P_IS_NOT_PRIME);
254 goto end; 255 goto end;
255 } 256 }
256 } 257 } while (r == 1 && ++i < 82);
257 while (r == 1 && ++i < 82);
258 258
259 if (r != -1) { 259 if (r != -1) {
260 /* Many rounds and still no non-square -- this is more likely 260 /* Many rounds and still no non-square -- this is more likely
261 * a bug than just bad luck. 261 * a bug than just bad luck.
262 * Even if p is not prime, we should have found some y 262 * Even if p is not prime, we should have found some y
@@ -302,8 +302,7 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
302 goto end; 302 goto end;
303 303
304 /* x := a^((q-1)/2) */ 304 /* x := a^((q-1)/2) */
305 if (BN_is_zero(t)) /* special case: p = 2^e + 1 */ 305 if (BN_is_zero(t)) { /* special case: p = 2^e + 1 */
306 {
307 if (!BN_nnmod(t, A, p, ctx)) 306 if (!BN_nnmod(t, A, p, ctx))
308 goto end; 307 goto end;
309 if (BN_is_zero(t)) { 308 if (BN_is_zero(t)) {