BN_to_montgomery expects its inputs to be in the interval 0 .. modulus-1,

so we have to reduce the random numbers used in test_mont. Before this change, test_mont failed in [debug-]solaris-sparcv9-gcc configurations ("Montgomery multiplication test failed!" because the multiplication result obtained with Montgomery multiplication differed from the result obtained by BN_mod_mul). Substituing the old version of bn_gcd.c (BN_mod_inverse) did not avoid the problem. The strange thing is that it I did not observe any problems when using debug-solaris-sparcv8-gcc and solaris-sparcv9-cc, as well as when compiling OpenSSL 0.9.6 in the solaric-sparcv9-gcc configuration on the same system.
author: Bodo Möller <bodo@openssl.org> 2000-11-29 19:08:24 +0100
committer: Bodo Möller <bodo@openssl.org> 2000-11-29 19:08:24 +0100
commit: 14697d9d6d883bd1193c379900ee9102acd27c19 (patch)
tree: bfaaedb4df068b92387c846286f8699002044bf6 /crypto/bn/bntest.c
parent: Log security relevant change. (diff)
download: openssl-14697d9d6d883bd1193c379900ee9102acd27c19.tar.xz
openssl-14697d9d6d883bd1193c379900ee9102acd27c19.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index 86d384428c..9e478dfe24 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -629,6 +629,9 @@ int test_mont(BIO *bp, BN_CTX *ctx)
 		BN_rand(&n,bits,0,1);
 		BN_MONT_CTX_set(mont,&n,ctx);
 
+		BN_nnmod(&a,&a,&n,ctx);
+		BN_nnmod(&b,&b,&n,ctx);
+
 		BN_to_montgomery(&A,&a,mont,ctx);
 		BN_to_montgomery(&B,&b,mont,ctx);
author	Bodo Möller <bodo@openssl.org>	2000-11-29 19:08:24 +0100
committer	Bodo Möller <bodo@openssl.org>	2000-11-29 19:08:24 +0100
commit	14697d9d6d883bd1193c379900ee9102acd27c19 (patch)
tree	bfaaedb4df068b92387c846286f8699002044bf6 /crypto/bn/bntest.c
parent	Log security relevant change. (diff)
download	openssl-14697d9d6d883bd1193c379900ee9102acd27c19.tar.xz openssl-14697d9d6d883bd1193c379900ee9102acd27c19.zip