Otto Moerbeek wrote: ....
Hmmm, did not try your patch yet, but here's another interesting case that doesn't use BN_bn2dec():
int g(void) { BIGNUM *a, *b;
a = BN_new(); BN_set_word(a, 0);
b = BN_new(); BN_set_word(b, 0); BN_add_word(b, 0);
return BN_cmp(a, b); }
returns -1 ...
Does BN_cmp also has the same problem, or is something else happening here?
BN_cmp has a similiar problem. BN_cmp does not check if the top value is really correct (but it uses the top value nonetheless) i.e. leading zeros matters for BN_cmp. I think the best solution to avoid this is to let BN_add_word (BN_sub_word) immediately return if w == 0 (otherwise you must include a bn_fix_top somewhere).
Nils
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
