The unified diff between revisions [0dc5b2d6..] and [b14c94b9..] is displayed below. It can also be downloaded as a raw diff.

This diff has been restricted to the following files: 'bn_fast_s_mp_mul_high_digs.c'

#
#
# patch "bn_fast_s_mp_mul_high_digs.c"
#  from [0d7785aa91e231bdc765d67ff4074ecc29d556a2]
#    to [ceff3a71492dd8079556c72a83364f4930e9e733]
#
============================================================
--- bn_fast_s_mp_mul_high_digs.c	0d7785aa91e231bdc765d67ff4074ecc29d556a2
+++ bn_fast_s_mp_mul_high_digs.c	ceff3a71492dd8079556c72a83364f4930e9e733
@@ -24,8 +24,7 @@
  *
  * Based on Algorithm 14.12 on pp.595 of HAC.
  */
-int
-fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
+int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
 {
   int     olduse, res, pa, ix, iz;
   mp_digit W[MP_WARRAY];
@@ -42,7 +41,7 @@ fast_s_mp_mul_high_digs (mp_int * a, mp_
   /* number of output digits to produce */
   pa = a->used + b->used;
   _W = 0;
-  for (ix = digs; ix <= pa; ix++) {
+  for (ix = digs; ix < pa; ix++) {
       int      tx, ty, iy;
       mp_digit *tmpx, *tmpy;

@@ -70,6 +69,9 @@ fast_s_mp_mul_high_digs (mp_int * a, mp_
       /* make next carry */
       _W = _W >> ((mp_word)DIGIT_BIT);
   }
+
+  /* store final carry */
+  W[ix] = (mp_digit)(_W & MP_MASK);

   /* setup dest */
   olduse  = c->used;