Document BN_mod_mul_montgomery bug;

make disabled code slightly more correct (this does not solve the problem though).
author: Bodo Möller <bodo@openssl.org> 2000-09-19 18:02:15 +0000
committer: Bodo Möller <bodo@openssl.org> 2000-09-19 18:02:15 +0000
commit: a45bd29535a26a982eaef9be85822d08cbb49b0f (patch)
tree: 7f5af5b1f7a99adf8fef69f250820939e0744512 /crypto/bn/bn_mont.c
parent: 688fbf547568f6440cadbbf31cc9da1576a57f67 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 932f5cecef..8fb171e132 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -85,7 +85,8 @@ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
 
 	if (a == b)
 		{
-#if 0 /* buggy -- try squaring  g  in the following parameters
+#if 0 /* buggy -- try squaring  g  (after converting it to Montgomery
+         representation) in the following parameters
          (but note that squaring 2 or 4 works):
 Diffie-Hellman-Parameters: (1024 bit)
     prime:
@@ -109,7 +110,7 @@ Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL
 		bn_wexpand(tmp2,a->top*4);
 		bn_sqr_recursive(tmp->d,a->d,a->top,tmp2->d);
 		tmp->top=a->top*2;
-		if (tmp->top > 0 && tmp->d[tmp->top-1] == 0)
+		while (tmp->top > 0 && tmp->d[tmp->top-1] == 0)
 			tmp->top--;
 #else
 		if (!BN_sqr(tmp,a,ctx)) goto err;
author	Bodo Möller <bodo@openssl.org>	2000-09-19 18:02:15 +0000
committer	Bodo Möller <bodo@openssl.org>	2000-09-19 18:02:15 +0000
commit	a45bd29535a26a982eaef9be85822d08cbb49b0f (patch)
tree	7f5af5b1f7a99adf8fef69f250820939e0744512 /crypto/bn/bn_mont.c
parent	688fbf547568f6440cadbbf31cc9da1576a57f67 (diff)