bignum: fix boundary condition in montgomery logic
authorGeoff Thorpe <geoff@openssl.org>
Wed, 30 Apr 2014 15:39:24 +0000 (11:39 -0400)
committerGeoff Thorpe <geoff@openssl.org>
Wed, 30 Apr 2014 15:53:09 +0000 (11:53 -0400)
commit3cc546a3bbcbf26cd14fc45fb133d36820ed0a75
tree874dfddbe67b384fe9e6804523cbda677a07deb9
parentc434f7f80fdbb7c7359eb957549c3ba07255bf26
bignum: fix boundary condition in montgomery logic

It's not clear whether this inconsistency could lead to an actual
computation error, but it involved a BIGNUM being passed around the
montgomery logic in an inconsistent state. This was found using flags
-DBN_DEBUG -DBN_DEBUG_RAND, and working backwards from this assertion
in 'ectest';

ectest: bn_mul.c:960: BN_mul: Assertion `(_bnum2->top == 0) ||
(_bnum2->d[_bnum2->top - 1] != 0)' failed

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
(cherry picked from commit a52926189155d906d8c11ff97cbc1e5191d202cd)
crypto/bn/bn_exp.c