BN_mod_sqrt documentation/comment

diff --git a/CHANGES b/CHANGES
index ab334b87e1135bc27485f03d5f49cbdb08559edd..9a1ad16fe38201888a277d060f631a1557d79765 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -32,7 +32,9 @@
      [Richard Levitte]
 
   *) New function BN_mod_sqrt for computing square roots modulo a prime
-     (Tonelli-Shanks algorithm unless  p == 3 (mod 4)  or  p == 5 (mod 8)).
+     (using the probabilistic Tonelli-Shanks algorithm unless
+     p == 3 (mod 4)  or  p == 5 (mod 8),  which are cases that can
+     be handled deterministically).
      [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
 
   *) Store verify_result within SSL_SESSION also for client side to

diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c
index a54d9d29195a5c9c693b9b2c621cfca87b85f7ca..6d50b5d895bc56e09ecaddd613f83f7f2c24a100 100644 (file)
--- a/crypto/bn/bn_sqrt.c
+++ b/crypto/bn/bn_sqrt.c
@@ -201,7 +201,7 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
 
                /* t := (2*a)*b^2 - 1*/
                if (!BN_mod_mul(t, t, y, p, ctx)) goto end;
-               if (!BN_sub_word(t, 1)) goto end; /* cannot become negative */
+               if (!BN_sub_word(t, 1)) goto end;
 
                /* x = a*b*t */
                if (!BN_mod_mul(x, a, b, p, ctx)) goto end;