artulab.com Git - openbsd/commit

author	bcook <bcook@openbsd.org>
	Tue, 5 Jul 2016 02:54:35 +0000 (02:54 +0000)
committer	bcook <bcook@openbsd.org>
	Tue, 5 Jul 2016 02:54:35 +0000 (02:54 +0000)
commit	c17ab57a969b3bfe7c63593bff1702d965461175
tree	b2d9b94bba632d7d0d75314b7c426e1abb3d2f2a	tree \| snapshot
parent	4b692c5e8a73e8bbaf1a8224bd9e495a4a5c01f1	commit \| diff

On systems where we do not have BN_ULLONG defined (most 64-bit systems),
BN_mod_word() can return incorrect results if the supplied modulus is
too big, so we need to fall back to BN_div_word.

Now that BN_mod_word may fail, handle errors properly update the man page.

Thanks to Brian Smith for pointing out these fixes from BoringSSL:

https://boringssl.googlesource.com/boringssl/+/67cb49d045f04973ddba0f92fe8a8ad483c7da89
https://boringssl.googlesource.com/boringssl/+/44bedc348d9491e63c7ed1438db100a4b8a830be

ok beck@

lib/libcrypto/bn/bn_prime.c		diff \| blob \| history
lib/libcrypto/bn/bn_word.c		diff \| blob \| history
lib/libcrypto/dh/dh_check.c		diff \| blob \| history
lib/libcrypto/man/BN_add_word.3		diff \| blob \| history
lib/libssl/src/crypto/bn/bn_prime.c		diff \| blob \| history
lib/libssl/src/crypto/bn/bn_word.c		diff \| blob \| history
lib/libssl/src/crypto/dh/dh_check.c		diff \| blob \| history
regress/lib/libcrypto/bn/general/bntest.c		diff \| blob \| history