--- crypto/bn/bn_sqrt.c.orig	Fri Feb 18 16:30:39 2022
+++ crypto/bn/bn_sqrt.c	Sat Mar 12 11:23:53 2022
@@ -351,21 +351,22 @@
 			goto vrfy;
 		}
 
-
-		/* find smallest  i  such that  b^(2^i) = 1 */
-		i = 1;
-		if (!BN_mod_sqr(t, b, p, ctx))
-			goto end;
-		while (!BN_is_one(t)) {
-			i++;
-			if (i == e) {
-				BNerror(BN_R_NOT_A_SQUARE);
-				goto end;
+		/* Find the smallest i with 0 < i < e such that b^(2^i) = 1. */
+		for (i = 1; i < e; i++) {
+			if (i == 1) {
+				if (!BN_mod_sqr(t, b, p, ctx))
+					goto end;
+			} else {
+				if (!BN_mod_sqr(t, t, p, ctx))
+					goto end;
 			}
-			if (!BN_mod_mul(t, t, t, p, ctx))
-				goto end;
+			if (BN_is_one(t))
+				break;
 		}
-
+		if (i >= e) {
+			BNerror(BN_R_NOT_A_SQUARE);
+			goto end;
+		}
 
 		/* t := y^2^(e - i - 1) */
 		if (!BN_copy(t, y))