Commit #16325 fixed one thing but broke DH with certain moduli [from HEAD].
diff --git
a/crypto/bn/bn_sqrt.c
b/crypto/bn/bn_sqrt.c
index 52dbc68a131e8859a4f77f0ef06317b1880b1689..6beaf9e5e5ddfd6da6942c67b045049a7c979ddb 100644
(file)
--- a/
crypto/bn/bn_sqrt.c
+++ b/
crypto/bn/bn_sqrt.c
@@
-1,4
+1,4
@@
-/* crypto/bn/bn_
mod
.c */
+/* crypto/bn/bn_
sqrt
.c */
/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
* and Bodo Moeller for the OpenSSL project. */
/* ====================================================================
/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
* and Bodo Moeller for the OpenSSL project. */
/* ====================================================================
@@
-65,8
+65,6
@@
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
* using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course
* in Algebraic Computational Number Theory", algorithm 1.5.1).
* 'p' must be prime!
* using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course
* in Algebraic Computational Number Theory", algorithm 1.5.1).
* 'p' must be prime!
- * If 'a' is not a square, this is not necessarily detected by
- * the algorithms; a bogus result must be expected in this case.
*/
{
BIGNUM *ret = in;
*/
{
BIGNUM *ret = in;
@@
-85,9
+83,11
@@
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
goto end;
if (!BN_set_word(ret, BN_is_bit_set(a, 0)))
{
goto end;
if (!BN_set_word(ret, BN_is_bit_set(a, 0)))
{
- BN_free(ret);
+ if (ret != in)
+ BN_free(ret);
return NULL;
}
return NULL;
}
+ bn_check_top(ret);
return ret;
}
return ret;
}
@@
-103,22
+103,14
@@
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
goto end;
if (!BN_set_word(ret, BN_is_one(a)))
{
goto end;
if (!BN_set_word(ret, BN_is_one(a)))
{
- BN_free(ret);
+ if (ret != in)
+ BN_free(ret);
return NULL;
}
return NULL;
}
+ bn_check_top(ret);
return ret;
}
return ret;
}
-#if 0 /* if BN_mod_sqrt is used with correct input, this just wastes time */
- r = BN_kronecker(a, p, ctx);
- if (r < -1) return NULL;
- if (r == -1)
- {
- BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
- return(NULL);
- }
-#endif
-
BN_CTX_start(ctx);
A = BN_CTX_get(ctx);
b = BN_CTX_get(ctx);
BN_CTX_start(ctx);
A = BN_CTX_get(ctx);
b = BN_CTX_get(ctx);
@@
-298,7
+290,7
@@
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
if (BN_is_zero(t))
{
/* special case: a == 0 (mod p) */
if (BN_is_zero(t))
{
/* special case: a == 0 (mod p) */
-
if (!BN_zero(ret)) goto end
;
+
BN_zero(ret)
;
err = 0;
goto end;
}
err = 0;
goto end;
}
@@
-311,7
+303,7
@@
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
if (BN_is_zero(x))
{
/* special case: a == 0 (mod p) */
if (BN_is_zero(x))
{
/* special case: a == 0 (mod p) */
-
if (!BN_zero(ret)) goto end
;
+
BN_zero(ret)
;
err = 0;
goto end;
}
err = 0;
goto end;
}
@@
-396,5
+388,6
@@
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
ret = NULL;
}
BN_CTX_end(ctx);
ret = NULL;
}
BN_CTX_end(ctx);
+ bn_check_top(ret);
return ret;
}
return ret;
}
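Review bot: The `bn_check_top(ret);` added after `BN_CTX_end(ctx);` in the last hunk is also reached on the error path, where `ret = NULL;` has just been assigned a few lines earlier, so it depends on the macro tolerating a NULL argument; if the BN_DEBUG definition dereferences its argument this will fault in debug builds, and `if (ret != NULL) bn_check_top(ret);` would make the intent explicit. The same call placed on the early returns in the two earlier hunks is fine, since `ret` was just successfully set there. The hunks at old lines 298 and 311 also drop the return-value check on `BN_zero`; that is only safe if `BN_zero` cannot fail in this tree (it looks like it now expands to a void call, but the page does not show the macro), so it is worth confirming that a failed zeroing cannot leave a stale value in `ret` on the `a == 0 (mod p)` path. The body of BN_mod_sqrt extends outside every hunk shown.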