X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fbn%2Fbn_sqrt.c;h=6beaf9e5e5ddfd6da6942c67b045049a7c979ddb;hb=231a737a82cecde336ef4eeebdc26469f8c44e98;hp=52dbc68a131e8859a4f77f0ef06317b1880b1689;hpb=6fb60a84dd1ec81953917e0444dab50186617432;p=oweals%2Fopenssl.git

diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c
index 52dbc68a13..6beaf9e5e5 100644
--- a/crypto/bn/bn_sqrt.c
+++ b/crypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
-/* crypto/bn/bn_mod.c */
+/* crypto/bn/bn_sqrt.c */
 /* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
  * and Bodo Moeller for the OpenSSL project. */
 /* ====================================================================
@@ -65,8 +65,6 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
  * using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course
  * in Algebraic Computational Number Theory", algorithm 1.5.1).
  * 'p' must be prime!
- * If 'a' is not a square, this is not necessarily detected by
- * the algorithms; a bogus result must be expected in this case.
  */
 	{
 	BIGNUM *ret = in;
@@ -85,9 +83,11 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 				goto end;
 			if (!BN_set_word(ret, BN_is_bit_set(a, 0)))
 				{
-				BN_free(ret);
+				if (ret != in)
+					BN_free(ret);
 				return NULL;
 				}
+			bn_check_top(ret);
 			return ret;
 			}
 
@@ -103,22 +103,14 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 			goto end;
 		if (!BN_set_word(ret, BN_is_one(a)))
 			{
-			BN_free(ret);
+			if (ret != in)
+				BN_free(ret);
 			return NULL;
 			}
+		bn_check_top(ret);
 		return ret;
 		}
 
-#if 0 /* if BN_mod_sqrt is used with correct input, this just wastes time */
-	r = BN_kronecker(a, p, ctx);
-	if (r < -1) return NULL;
-	if (r == -1)
-		{
-		BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
-		return(NULL);
-		}
-#endif
-
 	BN_CTX_start(ctx);
 	A = BN_CTX_get(ctx);
 	b = BN_CTX_get(ctx);
@@ -298,7 +290,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		if (BN_is_zero(t))
 			{
 			/* special case: a == 0  (mod p) */
-			if (!BN_zero(ret)) goto end;
+			BN_zero(ret);
 			err = 0;
 			goto end;
 			}
@@ -311,7 +303,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		if (BN_is_zero(x))
 			{
 			/* special case: a == 0  (mod p) */
-			if (!BN_zero(ret)) goto end;
+			BN_zero(ret);
 			err = 0;
 			goto end;
 			}
@@ -396,5 +388,6 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 		ret = NULL;
 		}
 	BN_CTX_end(ctx);
+	bn_check_top(ret);
 	return ret;
 	}