symm/poly1305.c: Change reading of 26-bit pieces.

This way, the masks fit together visually.

diff --git a/symm/poly1305.c b/symm/poly1305.c
index 9153149..99cc579 100644 (file)
--- a/symm/poly1305.c
+++ b/symm/poly1305.c
@@ -60,10 +60,10 @@ typedef uint32 felt[5];
 #define P p26
 
 /* Convert 32-bit words into field-element pieces. */
-#define P26W0(x)   ((x##0)&0x03ffffff)
-#define P26W1(x) ((((x##1)&0x000fffff) <<  6) | (((x##0) >> 26)&0x0000003f))
-#define P26W2(x) ((((x##2)&0x00003fff) << 12) | (((x##1) >> 20)&0x00000fff))
-#define P26W3(x) ((((x##3)&0x000000ff) << 18) | (((x##2) >> 14)&0x0003ffff))
+#define P26W0(x)  (((x##0) <<  0)&0x03ffffff)
+#define P26W1(x) ((((x##1) <<  6)&0x03ffffc0) | (((x##0) >> 26)&0x0000003f))
+#define P26W2(x) ((((x##2) << 12)&0x03ffffff) | (((x##1) >> 20)&0x00000fff))
+#define P26W3(x) ((((x##3) << 18)&0x03fc0000) | (((x##2) >> 14)&0x0003ffff))
 #define P26W4(x)                               (((x##3) >>  8)&0x00ffffff)
 
 /* Propagate carries in parallel.  If 0 <= u_i < 2^26 c_i, then we shall have