bn/asm/sparcv9-mont.pl: iron another glitch in squaring code path.
author Andy Polyakov <appro@openssl.org>
Fri, 8 Jun 2018 13:02:39 +0000 (15:02 +0200)
committer Andy Polyakov <appro@openssl.org>
Sat, 9 Jun 2018 12:49:22 +0000 (14:49 +0200)
This module is used only with odd input lengths, i.e. not used in normal
PKI cases, on contemporary processors. The problem was "illuminated" by
fuzzing tests.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6440)

(cherry picked from commit f55ef97b5c0f8559f393b72ebd4b2de32ad6d231)

crypto/bn/asm/sparcv9-mont.pl

index 55ceecb84c15138a1846fb173c0ee44b58aac783..ef434bc39e25cfadc38878f4a74d4165972fe605 100644 (file)
@@ -493,6 +493,9 @@ $code.=<<___;
        mulx    $npj,$mul1,$acc1
        add     $tpj,$car1,$car1
        ld      [$np+$j],$npj                   ! np[j]
+       srlx    $car1,32,$tmp0
+       and     $car1,$mask,$car1
+       add     $tmp0,$sbit,$sbit
        add     $acc0,$car1,$car1
        ld      [$tp+8],$tpj                    ! tp[j]
        add     $acc1,$car1,$car1
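
Review bot: the three added lines after `ld [$np+$j],$npj` (the `srlx`/`and`/`add` sequence that shifts `$car1` right by 32 into `$tmp0`, masks `$car1` with `$mask`, and adds `$tmp0` into `$sbit`) carry no comment, while the neighbouring loads are annotated (`! np[j]`, `! tp[j]`). A short `!` comment saying why `$car1` has to be reduced before `$acc0` and `$acc1` are added would keep a later cleanup from dropping the fix. The commit message says fuzzing exposed the problem, but the patch shown touches only crypto/bn/asm/sparcv9-mont.pl; adding the failing input as a regression vector for odd input lengths would keep this squaring path covered.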