From: Geoff Thorpe Date: Sat, 13 Mar 2004 22:10:15 +0000 (+0000) Subject: Document a change I'd already made, and at the same time, correct the X-Git-Tag: LEVITTE_before_const~6 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9e051bac139ce07f846d88b90f3ec514c39ea416;p=openssl Document a change I'd already made, and at the same time, correct the change to work properly; BN_zero() should set 'neg' to zero as well as 'top' to match the behaviour of BN_new(). --- diff --git a/CHANGES b/CHANGES index 22449a3ac9..e675c90309 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.7c and 0.9.8 [xx XXX xxxx] + *) BN_CTX_get() should return zero-valued bignums, providing the same + initialised value as BN_new(). + [Geoff Thorpe, suggested by Ulf Möller] + *) Support for inhibitAnyPolicy certificate extension. [Steve Henson] @@ -21,7 +25,7 @@ some point, these tighter rules will become openssl's default to improve maintainability, though the assert()s and other overheads will remain only in debugging configurations. See bn.h for more details. - [Geoff Thorpe] + [Geoff Thorpe, Nils Larsch, Ulf Möller] *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure that can only be obtained through BN_CTX_new() (which implicitly diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index 9366ce6d7f..f48055b268 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -140,6 +140,7 @@ void BN_CTX_start(BN_CTX *ctx) BIGNUM *BN_CTX_get(BN_CTX *ctx) { + BIGNUM *ret; /* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically, * make sure that if BN_CTX_get fails once it will return NULL again * until BN_CTX_end is called. (This is so that callers have to check @@ -155,9 +156,10 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx) } return NULL; } + ret = ctx->bn + (ctx->tos++); /* always return a 'zeroed' bignum */ - ctx->bn[ctx->tos].top = 0; - return (&(ctx->bn[ctx->tos++])); + BN_zero(ret); + return ret; } void BN_CTX_end(BN_CTX *ctx) diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index 556fcda1e3..3b4392955e 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -214,7 +214,6 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, res=BN_CTX_get(ctx); else res=dv; if (sdiv == NULL || res == NULL) goto err; - tmp->neg=0; /* First we normalise the numbers */ norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);