Misc BN fixes

Never output -0; make "negative zero" an impossibility. Do better checking on BN_rand top/bottom requirements and #bits. Update doc. Ignoring trailing garbage in BN_asc2bn. Port this commit from boringSSL: https://boringssl.googlesource.com/boringssl/+/899b9b19a4cd3fe526aaf5047ab9234cdca19f7d%5E!/ Ensure |BN_div| never gives negative zero in the no_branch code. Have |bn_correct_top| fix |bn->neg| if the input is zero so that we don't have negative zeros lying around. Thanks to Brian Smith for noticing. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 01c09f9fde5793e0b3712d602b02e2aed4908e8d) (Some manual work required)
author: Rich Salz <rsalz@openssl.org> 2016-09-05 18:08:43 -0400
committer: Rich Salz <rsalz@openssl.org> 2016-09-06 11:09:50 -0400
commit: 3f1014960353af29a05a7b5dac40afd30d4f9bb3 (patch)
tree: 23540ca3aacdf6e04dc4475af9e4a39a293a05b5 /crypto/bn/bn.h
parent: 2a20b6d9731488bcb500e58a434375f59fb9adcc (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index 86264ae631..633d1b1f60 100644
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -842,6 +842,8 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
                         if (*(ftl--)) break; \
                 (a)->top = tmp_top; \
                 } \
+        if ((a)->top == 0) \
+            (a)->neg = 0; \
         bn_pollute(a); \
         }
author	Rich Salz <rsalz@openssl.org>	2016-09-05 18:08:43 -0400
committer	Rich Salz <rsalz@openssl.org>	2016-09-06 11:09:50 -0400
commit	3f1014960353af29a05a7b5dac40afd30d4f9bb3 (patch)
tree	23540ca3aacdf6e04dc4475af9e4a39a293a05b5 /crypto/bn/bn.h
parent	2a20b6d9731488bcb500e58a434375f59fb9adcc (diff)