On Wed, 24 Sep 2003, Nils Larsch wrote:
> BN_cmp has a similiar problem. BN_cmp does not check if the top value
> is really correct (but it uses the top value nonetheless) i.e. leading
> zeros matters for BN_cmp. I think the best solution to avoid this is
> to let BN_add_word (BN_sub_word) immediately return if w == 0 (otherwise
> you must include a bn_fix_top somewhere).
>
> Nils
OK, that would amount to the fixes below:
- in BN_cmp, call bn_fix_top just before comparing the two tops.
- in bn_print.c, change if(x->top == 0) to if (BN_is_zero(x)) (a few
cases)
- in bn_word.c, add the (w & BN_MASK2) == 0 check for both adding and
subtracting. I'm using the masked value, to be consistent with the code
later on, which also masks w.
Diff against the OpenBSD version of two months ago (to get the
BN_add_word fix included). Applies without problems to openssl-0.9.7b.
-Otto
Index: bn_lib.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/crypto/bn/bn_lib.c,v
retrieving revision 1.9
diff -u -r1.9 bn_lib.c
--- bn_lib.c 12 May 2003 02:18:36 -0000 1.9
+++ bn_lib.c 24 Sep 2003 18:29:57 -0000
@@ -702,6 +702,9 @@
{ gt=1; lt= -1; }
else { gt= -1; lt=1; }
+ bn_fix_top(a);
+ bn_fix_top(b);
+
if (a->top > b->top) return(gt);
if (a->top < b->top) return(lt);
for (i=a->top-1; i>=0; i--)
Index: bn_print.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/crypto/bn/bn_print.c,v
retrieving revision 1.6
diff -u -r1.6 bn_print.c
--- bn_print.c 6 Apr 2003 09:22:53 -0000 1.6
+++ bn_print.c 24 Sep 2003 18:20:08 -0000
@@ -79,7 +79,7 @@
}
p=buf;
if (a->neg) *(p++)='-';
- if (a->top == 0) *(p++)='0';
+ if (BN_is_zero(a)) *(p++)='0';
for (i=a->top-1; i >=0; i--)
{
for (j=BN_BITS2-8; j >= 0; j-=8)
@@ -123,7 +123,7 @@
p=buf;
lp=bn_data;
if (t->neg) *(p++)='-';
- if (t->top == 0)
+ if (BN_is_zero(t))
{
*(p++)='0';
*(p++)='\0';
@@ -300,7 +300,7 @@
int ret=0;
if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
- if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
+ if ((BN_is_zero(a)) && (BIO_write(bp,"0",1) != 1)) goto end;
for (i=a->top-1; i >=0; i--)
{
for (j=BN_BITS2-4; j >= 0; j-=4)
Index: bn_word.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/crypto/bn/bn_word.c,v
retrieving revision 1.5
diff -u -r1.5 bn_word.c
--- bn_word.c 12 May 2003 02:18:36 -0000 1.5
+++ bn_word.c 24 Sep 2003 18:31:25 -0000
@@ -110,6 +110,9 @@
BN_ULONG l;
int i;
+ if ((w & BN_MASK2) == 0)
+ return(1);
+
if (a->neg)
{
a->neg=0;
@@ -142,6 +145,9 @@
int BN_sub_word(BIGNUM *a, BN_ULONG w)
{
int i;
+
+ if ((w & BN_MASK2) == 0)
+ return(1);
if (BN_is_zero(a) || a->neg)
{
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
