3 files changed, 19 insertions, 23 deletions
diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c
index 8ff518e938..129c12495c 100644
--- a/src/lib/libcrypto/bn/bn_exp.c
+++ b/src/lib/libcrypto/bn/bn_exp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_exp.c,v 1.54 2025/01/21 15:44:22 tb Exp $ */
+/* $OpenBSD: bn_exp.c,v 1.55 2025/01/22 10:08:10 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1023,7 +1023,7 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
        window = BN_window_bits_for_exponent_size(bits);
        if (window > 1) {
-                if (!BN_mod_mul_reciprocal(aa, val[0], val[0], recp, ctx))
+                if (!BN_mod_sqr_reciprocal(aa, val[0], recp, ctx))
                        goto err;
                j = 1 << (window - 1);
                for (i = 1; i < j; i++) {
@@ -1047,7 +1047,7 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
        for (;;) {
                if (BN_is_bit_set(q, wstart) == 0) {
                        if (!start)
-                                if (!BN_mod_mul_reciprocal(r, r, r, recp, ctx))
+                                if (!BN_mod_sqr_reciprocal(r, r, recp, ctx))
                                        goto err;
                        if (wstart == 0)
                                break;
@@ -1076,7 +1076,7 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
                /* add the 'bytes above' */
                if (!start)
                        for (i = 0; i < j; i++) {
-                                if (!BN_mod_mul_reciprocal(r, r, r, recp, ctx))
+                                if (!BN_mod_sqr_reciprocal(r, r, recp, ctx))
                                        goto err;
                        }
diff --git a/src/lib/libcrypto/bn/bn_local.h b/src/lib/libcrypto/bn/bn_local.h
index 2042e0b193..d9389995f7 100644
--- a/src/lib/libcrypto/bn/bn_local.h
+++ b/src/lib/libcrypto/bn/bn_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_local.h,v 1.46 2025/01/21 15:44:22 tb Exp $ */
+/* $OpenBSD: bn_local.h,v 1.47 2025/01/22 10:08:10 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -277,6 +277,8 @@ int	BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, BN_RECP_CTX *recp,
    BN_CTX *ctx);
 int     BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
    BN_RECP_CTX *recp, BN_CTX *ctx);
+int     BN_mod_sqr_reciprocal(BIGNUM *r, const BIGNUM *x, BN_RECP_CTX *recp,
+    BN_CTX *ctx);
 int     BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
    const BIGNUM *m, BN_CTX *ctx);
diff --git a/src/lib/libcrypto/bn/bn_recp.c b/src/lib/libcrypto/bn/bn_recp.c
index 8dd6b8af65..bf38380710 100644
--- a/src/lib/libcrypto/bn/bn_recp.c
+++ b/src/lib/libcrypto/bn/bn_recp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_recp.c,v 1.27 2025/01/22 09:39:56 tb Exp $ */
+/* $OpenBSD: bn_recp.c,v 1.28 2025/01/22 10:08:10 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -230,24 +230,18 @@ int
 BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
    BN_RECP_CTX *recp, BN_CTX *ctx)
 {
-        int ret = 0;
+        if (!BN_mul(r, x, y, ctx))
-        BIGNUM *a;
+                return 0;
-        BN_CTX_start(ctx);
+        return BN_div_recp(NULL, r, r, recp, ctx);
-        if ((a = BN_CTX_get(ctx)) == NULL)
+}
-                goto err;
-        if (x == y) {
-                if (!BN_sqr(a, x, ctx))
-                        goto err;
-        } else {
-                if (!BN_mul(a, x, y, ctx))
-                        goto err;
-        }
-        ret = BN_div_recp(NULL, r, a, recp, ctx);
+/* Compute r = x^2 % m. */
+int
+BN_mod_sqr_reciprocal(BIGNUM *r, const BIGNUM *x, BN_RECP_CTX *recp, BN_CTX *ctx)
+{
+        if (!BN_sqr(r, x, ctx))
+                return 0;
-err:
+        return BN_div_recp(NULL, r, r, recp, ctx);
-        BN_CTX_end(ctx);
-        return ret;
 }