make BN_FLG_CONSTTIME semantics more fool-proof

author: Bodo Möller <bodo@openssl.org> 2007-03-28 18:41:23 +0000
committer: Bodo Möller <bodo@openssl.org> 2007-03-28 18:41:23 +0000
commit: b002265ee34d1f0310009c4266ca865253b1a844 (patch)
tree: 17703aa296a37a438590d30b512b426dc99db5a5 /CHANGES
parent: bd31fb21454609b125ade1ad569ebcc2a2b9b73c (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/CHANGES b/CHANGES
index 21b90edcc7..719145edec 100644
--- a/CHANGES
+++ b/CHANGES
@@ -493,9 +493,9 @@
      BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
      respectively, which are slower, but avoid the security-relevant
      conditional branches.  These are automatically called by BN_div()
-     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for the
-     modulus.  Also, BN_is_bit_set() has been changed to remove a
-     conditional branch.
+     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
+     of the input BIGNUMs.  Also, BN_is_bit_set() has been changed to
+     remove a conditional branch.
 
      BN_FLG_CONSTTIME is the new name for the previous
      BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
author	Bodo Möller <bodo@openssl.org>	2007-03-28 18:41:23 +0000
committer	Bodo Möller <bodo@openssl.org>	2007-03-28 18:41:23 +0000
commit	b002265ee34d1f0310009c4266ca865253b1a844 (patch)
tree	17703aa296a37a438590d30b512b426dc99db5a5 /CHANGES
parent	bd31fb21454609b125ade1ad569ebcc2a2b9b73c (diff)