math/scaf.c, etc.: Only need 3*NPIECE words of scratch space.

The extra one would have been necessary because we're calculating the
high half of a product of two (NPIECE + 1)-piece numbers, but in fact we
only need the low NPIECE pieces of the result.

Fix the commentary and the callers.

diff --git a/math/scaf.c b/math/scaf.c
index cb68ad9..59f9c6e 100644 (file)
--- a/math/scaf.c
+++ b/math/scaf.c
@@ -205,7 +205,7 @@ void scaf_mul(scaf_dblpiece *z, const scaf_piece *x, const scaf_piece *y,
  *             @const scaf_piece *mu@ = scaled approximation to @1/l@
  *             @size_t npiece@ = number of pieces in @l@
  *             @unsigned piecewd@ = nominal width of a piece in bits
- *             @scaf_piece *scratch@ = @3*npiece + 1@ scratch pieces
+ *             @scaf_piece *scratch@ = @3*npiece@ scratch pieces
  *
  * Returns:    ---
  *

diff --git a/math/scaf.h b/math/scaf.h
index 2535a9c..3f0afc7 100644 (file)
--- a/math/scaf.h
+++ b/math/scaf.h
@@ -135,7 +135,7 @@ extern void scaf_mul(scaf_dblpiece */*z*/, const scaf_piece */*x*/,
  *             @const scaf_piece *mu@ = scaled approximation to @1/l@
  *             @size_t npiece@ = number of pieces in @l@
  *             @unsigned piecewd@ = nominal width of a piece in bits
- *             @scaf_piece *scratch@ = @3*npiece + 1@ scratch pieces
+ *             @scaf_piece *scratch@ = @3*npiece@ scratch pieces
  *
  * Returns:    ---
  *

diff --git a/pub/ed25519.c b/pub/ed25519.c
index 2dc1161..f23c272 100644 (file)
--- a/pub/ed25519.c
+++ b/pub/ed25519.c
@@ -319,7 +319,7 @@ void ed25519ctx_sign(octet sig[ED25519_SIGSZ],
                     const void *m, size_t msz)
 {
   sha512_ctx h;
-  scaf_piece a[NPIECE], r[NPIECE], t[NPIECE], scratch[3*NPIECE + 1];
+  scaf_piece a[NPIECE], r[NPIECE], t[NPIECE], scratch[3*NPIECE];
   scaf_dblpiece tt[2*NPIECE];
   f25519 RX, RY, RZ;
   octet h1[32], pb[PREFIX_BUFSZ], rb[SHA512_HASHSZ];
@@ -388,7 +388,7 @@ int ed25519ctx_verify(const octet K[ED25519_PUBSZ],
                      const octet sig[ED25519_SIGSZ])
 {
   sha512_ctx h;
-  scaf_piece s[NPIECE], t[NPIECE], scratch[3*NPIECE + 1];
+  scaf_piece s[NPIECE], t[NPIECE], scratch[3*NPIECE];
   scaf_dblpiece tt[2*NPIECE];
   f25519 AX, AY, AZ, RX, RY, RZ;
   octet b[PREFIX_BUFSZ];

diff --git a/pub/ed448.c b/pub/ed448.c
index a3a9421..714987f 100644 (file)
--- a/pub/ed448.c
+++ b/pub/ed448.c
@@ -317,7 +317,7 @@ void ed448_sign(octet sig[ED448_SIGSZ],
                const void *m, size_t msz)
 {
   shake_ctx h;
-  scaf_piece a[NPIECE], r[NPIECE], t[NPIECE], scratch[3*NPIECE + 1];
+  scaf_piece a[NPIECE], r[NPIECE], t[NPIECE], scratch[3*NPIECE];
   scaf_dblpiece tt[2*NPIECE];
   fgoldi RX, RY, RZ;
   octet h1[57], pb[PREFIX_BUFSZ], rb[114];
@@ -376,7 +376,7 @@ int ed448_verify(const octet K[ED448_PUBSZ],
                 const octet sig[ED448_SIGSZ])
 {
   shake_ctx h;
-  scaf_piece s[NPIECE], t[NPIECE], scratch[3*NPIECE + 1];
+  scaf_piece s[NPIECE], t[NPIECE], scratch[3*NPIECE];
   scaf_dblpiece tt[2*NPIECE];
   fgoldi AX, AY, AZ, RX, RY, RZ;
   octet b[PREFIX_BUFSZ];