bn_mont.c fix [from HEAD].

2007-06-29 13:12:34 +00:00 · 2007-06-29 13:12:34 +00:00 · a166e96d16
commit a166e96d16
parent 8dd8ce1dc3
1 changed files with 17 additions and 23 deletions
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@ -246,18 +246,12 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,

 	rp=ret->d;
 	ap=&(r->d[ri]);
-	nrp=ap;

-	/* This 'if' denotes violation of 2*M<r^(n-1) boundary condition
-	 * formulated by C.D.Walter in "Montgomery exponentiation needs
-	 * no final subtractions." Incurred branch can disclose only
-	 * information about modulus length, which is not really secret. */
-	if ((mont->N.d[ri-1]>>(BN_BITS2-2))!=0)
 	{
 	size_t m1,m2;

-		v=bn_sub_words(rp,ap,mont->N.d,ri);
-		/* this -----------------------^^ works even in al<ri case
+	v=bn_sub_words(rp,ap,np,ri);
+	/* this ----------------^^ works even in al<ri case
 	 * thanks to zealous zeroing of top of the vector in the
 	 * beginning. */