Add in another clamp to prevent infinite loops

Andras Fekete · Andras Fekete · commit 437c2020bd9a · 2023-08-15T17:05:43.000-04:00
M = i - 1 would make it 2^0. Anything above that would be negative powers which don't make sense.
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
@@ -14749,6 +14749,11 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
         if (mp_cmp_d(t1, 1) == MP_EQ)
             break;
         res = mp_exptmod(t1, two, prime, t1);
+        if ((res == MP_OKAY) && (mp_cmp_d(M,i) == MP_EQ)) {
+          /* This is to clamp the loop in case 'prime' is not really prime */
+          res = MP_VAL;
+          break;
+        }
         if (res == MP_OKAY)
           i++;
       }
