1 files changed, 10 insertions, 10 deletions
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index 9a695a2fb6..1b7eb4ec1b 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_mult.c,v 1.42 2024/11/22 14:59:40 tb Exp $ */
+/* $OpenBSD: ec_mult.c,v 1.43 2024/11/22 15:21:14 tb Exp $ */
 /*
 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
 */
@@ -282,12 +282,12 @@ ec_wNAF_precompute(const EC_GROUP *group, const BIGNUM *m, const EC_POINT *point
                goto err;
        }
-        wsize[0] = EC_window_bits_for_scalar_size(BN_num_bits(n));
+        wsize[0] = EC_window_bits_for_scalar_size(BN_num_bits(m));
-        if ((wNAF[0] = compute_wNAF(n, wsize[0], &wNAF_len[0])) == NULL)
+        if ((wNAF[0] = compute_wNAF(m, wsize[0], &wNAF_len[0])) == NULL)
                goto err;
-        wsize[1] = EC_window_bits_for_scalar_size(BN_num_bits(m));
+        wsize[1] = EC_window_bits_for_scalar_size(BN_num_bits(n));
-        if ((wNAF[1] = compute_wNAF(m, wsize[1], &wNAF_len[1])) == NULL)
+        if ((wNAF[1] = compute_wNAF(n, wsize[1], &wNAF_len[1])) == NULL)
                goto err;
        len0 = 1 << (wsize[0] - 1);
@@ -302,9 +302,9 @@ ec_wNAF_precompute(const EC_GROUP *group, const BIGNUM *m, const EC_POINT *point
        row[0] = &val[0];
        row[1] = &val[len0];
-        if (!ec_compute_odd_multiples(group, point, row[0], len0, ctx))
+        if (!ec_compute_odd_multiples(group, generator, row[0], len0, ctx))
                goto err;
-        if (!ec_compute_odd_multiples(group, generator, row[1], len1, ctx))
+        if (!ec_compute_odd_multiples(group, point, row[1], len1, ctx))
                goto err;
        if (!EC_POINTs_make_affine(group, val_len, val, ctx))
@@ -365,9 +365,9 @@ ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *m,
        /*
         * Set r to the neutral element. Scan through the wNAF representations
         * of m and n, starting at the most significant digit. Double r and for
-         * each wNAF digit of m add the digit times the point, and for each
+         * each wNAF digit of m add the digit times the generator, and for each
-         * wNAF digit of n add the digit times the generator, adjusting the
+         * wNAF digit of n add the digit times the point, adjusting the signs
-         * signs as appropriate.
+         * as appropriate.
         */
        if (!EC_POINT_set_to_infinity(group, r))

diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c index 9a695a2fb6..1b7eb4ec1b 100644 --- a/src/lib/libcrypto/ec/ec_mult.c +++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ec_mult.c,v 1.42 2024/11/22 14:59:40 tb Exp $ */	1	/* $OpenBSD: ec_mult.c,v 1.43 2024/11/22 15:21:14 tb Exp $ */
2	/*	2	/*
3	* Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.	3	* Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
4	*/	4	*/
@@ -282,12 +282,12 @@ ec_wNAF_precompute(const EC_GROUP group, const BIGNUM m, const EC_POINT *point
282	goto err;	282	goto err;
283	}	283	}
284		284
285	wsize[0] = EC_window_bits_for_scalar_size(BN_num_bits(n));	285	wsize[0] = EC_window_bits_for_scalar_size(BN_num_bits(m));
286	if ((wNAF[0] = compute_wNAF(n, wsize[0], &wNAF_len[0])) == NULL)	286	if ((wNAF[0] = compute_wNAF(m, wsize[0], &wNAF_len[0])) == NULL)
287	goto err;	287	goto err;
288		288
289	wsize[1] = EC_window_bits_for_scalar_size(BN_num_bits(m));	289	wsize[1] = EC_window_bits_for_scalar_size(BN_num_bits(n));
290	if ((wNAF[1] = compute_wNAF(m, wsize[1], &wNAF_len[1])) == NULL)	290	if ((wNAF[1] = compute_wNAF(n, wsize[1], &wNAF_len[1])) == NULL)
291	goto err;	291	goto err;
292		292
293	len0 = 1 << (wsize[0] - 1);	293	len0 = 1 << (wsize[0] - 1);
@@ -302,9 +302,9 @@ ec_wNAF_precompute(const EC_GROUP group, const BIGNUM m, const EC_POINT *point
302	row[0] = &val[0];	302	row[0] = &val[0];
303	row[1] = &val[len0];	303	row[1] = &val[len0];
304		304
305	if (!ec_compute_odd_multiples(group, point, row[0], len0, ctx))	305	if (!ec_compute_odd_multiples(group, generator, row[0], len0, ctx))
306	goto err;	306	goto err;
307	if (!ec_compute_odd_multiples(group, generator, row[1], len1, ctx))	307	if (!ec_compute_odd_multiples(group, point, row[1], len1, ctx))
308	goto err;	308	goto err;
309		309
310	if (!EC_POINTs_make_affine(group, val_len, val, ctx))	310	if (!EC_POINTs_make_affine(group, val_len, val, ctx))
@@ -365,9 +365,9 @@ ec_wNAF_mul(const EC_GROUP group, EC_POINT r, const BIGNUM *m,
365	/*	365	/*
366	* Set r to the neutral element. Scan through the wNAF representations	366	* Set r to the neutral element. Scan through the wNAF representations
367	* of m and n, starting at the most significant digit. Double r and for	367	* of m and n, starting at the most significant digit. Double r and for
368	* each wNAF digit of m add the digit times the point, and for each	368	* each wNAF digit of m add the digit times the generator, and for each
369	* wNAF digit of n add the digit times the generator, adjusting the	369	* wNAF digit of n add the digit times the point, adjusting the signs
370	* signs as appropriate.	370	* as appropriate.
371	*/	371	*/
372		372
373	if (!EC_POINT_set_to_infinity(group, r))	373	if (!EC_POINT_set_to_infinity(group, r))