Document that BN_mod_sqrt assumes p is a prime.

Change-Id: I5be2337ce6c333b704894c64e7931919bc047995 Reviewed-on: https://boringssl-review.googlesource.com/8595 Reviewed-by: David Benjamin <davidben@google.com>
2016-07-03 12:03:54 -04:00 · 2016-07-03 12:03:54 -04:00 · ce9a2166d6
commit ce9a2166d6
parent 4cb00ba08c
2 changed files with 6 additions and 6 deletions
--- a/crypto/bn/sqrt.c
+++ b/crypto/bn/sqrt.c
@ -57,12 +57,11 @@
 #include <openssl/err.h>


-/* Returns 'ret' such that
- *      ret^2 == a (mod p),
- * using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course
- * in Algebraic Computational Number Theory", algorithm 1.5.1).
- * 'p' must be prime! */
 BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) {
+  /* Compute a square root of |a| mod |p| using the Tonelli/Shanks algorithm
+   * (cf. Henri Cohen, "A Course in Algebraic Computational Number Theory",
+   * algorithm 1.5.1). |p| is assumed to be a prime. */
+
  BIGNUM *ret = in;
  int err = 1;
  int r;
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@ -565,7 +565,8 @@ OPENSSL_EXPORT int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m,
 OPENSSL_EXPORT int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a,
                                        const BIGNUM *m);

-/* BN_mod_sqrt returns a |BIGNUM|, r, such that r^2 == a (mod p). */
+/* BN_mod_sqrt returns a |BIGNUM|, r, such that r^2 == a (mod p). |p| must be a
+ * prime. */
 OPENSSL_EXPORT BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p,
                                   BN_CTX *ctx);