From c37acb14ff755777750095c3edd59e1923c97c17 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Tue, 4 Jun 2019 18:12:26 +0000
Subject: Readability tweaks for comments that explain the blinding.
---
 src/lib/libcrypto/dsa/dsa_ossl.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index 50a73c0fa9..ecf2662467 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ossl.c,v 1.41 2019/06/04 18:10:11 tb Exp $ */
+/* $OpenBSD: dsa_ossl.c,v 1.42 2019/06/04 18:12:26 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -148,7 +148,7 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 * In order to reduce the possibility of a side-channel attack, the
 * following is calculated using a blinding value:
 *
- * s = inv(k)inv(b)(bm + bxr) mod q
+ * s = inv(b)(bm + bxr)inv(k) mod q
 *
 * Where b is a random value in the range [1, q).
 */
@@ -159,11 +159,11 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 if (!BN_mod_mul(&bxr, &b, dsa->priv_key, dsa->q, ctx)) /* bx */
 goto err;
- if (!BN_mod_mul(&bxr, &bxr, r, dsa->q, ctx)) /* bxr */
+ if (!BN_mod_mul(&bxr, &bxr, r, dsa->q, ctx)) /* bxr */
 goto err;
- if (!BN_mod_mul(&bm, &b, &m, dsa->q, ctx)) /* bm */
+ if (!BN_mod_mul(&bm, &b, &m, dsa->q, ctx)) /* bm */
 goto err;
- if (!BN_mod_add(s, &bxr, &bm, dsa->q, ctx)) /* s = bm + bxr */
+ if (!BN_mod_add(s, &bxr, &bm, dsa->q, ctx)) /* s = bm + bxr */
 goto err;
 if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) /* s = b(m + xr)k^-1 */
 goto err;
--
cgit v1.2.3-55-g6feb
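Review bot: The reworded formula in the second hunk writes the inverse as `inv(k)`, but the last inline comment in the third hunk still reads `/* s = b(m + xr)k^-1 */`, so the comments this commit is tidying use two notations for the same value; `/* s = b(m + xr)inv(k) */` would match. The block comment also gives the formula without saying what the blinding protects. A line such as ` * The unblinded sum m + xr is never computed; b is removed only at the end.` would tell a later editor why the multiplications must stay in this order. The unblinding by inv(b), the generation of b and the clearing of b, bm and bxr all lie outside these hunks, so that sentence should be checked against the rest of dsa_do_sign before it is added.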