[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Tue May 1 13:25:55 UTC 2018
The branch OpenSSL_1_1_0-stable has been updated
via 966b3df182b9c8644c154f1c3e686027d37acb05 (commit)
from bbb88edeb6e2654cf0fabb88a31f23bee9632b03 (commit)
- Log -----------------------------------------------------------------
commit 966b3df182b9c8644c154f1c3e686027d37acb05
Author: Matt Caswell <matt at openssl.org>
Date: Mon Apr 30 15:05:45 2018 +0100
Clarify BN_mod_exp docs
Specifically this is not supported with an even modulus and
BN_FLG_CONSTTIME.
Fixes #5082
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6138)
-----------------------------------------------------------------------
Summary of changes:
doc/crypto/BN_add.pod | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/doc/crypto/BN_add.pod b/doc/crypto/BN_add.pod
index db3b0d4..418a6d7 100644
--- a/doc/crypto/BN_add.pod
+++ b/doc/crypto/BN_add.pod
@@ -92,7 +92,9 @@ BN_exp() raises I<a> to the I<p>-th power and places the result in I<r>
BN_mul().
BN_mod_exp() computes I<a> to the I<p>-th power modulo I<m> (C<r=a^p %
-m>). This function uses less time and space than BN_exp().
+m>). This function uses less time and space than BN_exp(). Do not call this
+function when B<m> is even and any of the parameters have the
+B<BN_FLG_CONSTTIME> flag set.
BN_gcd() computes the greatest common divisor of I<a> and I<b> and
places the result in I<r>. I<r> may be the same B<BIGNUM> as I<a> or
More information about the openssl-commits
mailing list