From 14594075895390dd7aac69fd2c11f65ca275ad4e Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 24 Jun 2023 16:10:23 +0000
Subject: Check for non-zero length rather than a zero value.

This removes a data dependent timing path from BN_sqr().

ok tb@
---
 src/lib/libcrypto/bn/bn_sqr.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c
index 4eab796c90..5f3be22304 100644
--- a/src/lib/libcrypto/bn/bn_sqr.c
+++ b/src/lib/libcrypto/bn/bn_sqr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_sqr.c,v 1.31 2023/06/24 16:01:43 jsing Exp $ */
+/* $OpenBSD: bn_sqr.c,v 1.32 2023/06/24 16:10:23 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -274,7 +274,7 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
 
 	BN_CTX_start(ctx);
 
-	if (BN_is_zero(a)) {
+	if (a->top < 1) {
 		BN_zero(r);
 		goto done;
 	}
-- 
cgit v1.2.3-55-g6feb