From 56539331b1343719956ed1068b842ea73404b35a Mon Sep 17 00:00:00 2001
From: jsing <jsing@openbsd.org>
Date: Wed, 18 Jan 2023 05:29:48 +0000
Subject: [PATCH] Bring in a description of bn_words_3_div().

This comes from OpenSSL commit 3da2e9c4ee45989a426ff513dc6c6250d1e460de.

ok tb@
---
 lib/libcrypto/bn/bn_div.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/lib/libcrypto/bn/bn_div.c b/lib/libcrypto/bn/bn_div.c
index 7f0560f7c52..47e491ec461 100644
--- a/lib/libcrypto/bn/bn_div.c
+++ b/lib/libcrypto/bn/bn_div.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_div.c,v 1.30 2023/01/18 05:27:30 jsing Exp $ */
+/* $OpenBSD: bn_div.c,v 1.31 2023/01/18 05:29:48 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -111,6 +111,14 @@ BN_ULONG bn_div_3_words(const BN_ULONG *m, BN_ULONG d1, BN_ULONG d0);
 # endif /* __GNUC__ */
 #endif /* OPENSSL_NO_ASM */
 
+/*
+ * Interface is somewhat quirky, |m| is pointer to most significant limb,
+ * and less significant limb is referred at |m[-1]|. This means that caller
+ * is responsible for ensuring that |m[-1]| is valid. Second condition that
+ * has to be met is that |d0|'s most significant bit has to be set. Or in
+ * other words divisor has to be "bit-aligned to the left." The subroutine
+ * considers four limbs, two of which are "overlapping," hence the name...
+ */
 BN_ULONG
 bn_div_3_words(const BN_ULONG *m, BN_ULONG d1, BN_ULONG d0)
 {
-- 
2.20.1