From 06325636886daecdb46a5a5358e26ecd21bfccde Mon Sep 17 00:00:00 2001 From: Mark Wooding Date: Wed, 10 May 2017 21:19:32 +0100 Subject: [PATCH] math/scaf.c: Fix conditional subtractions in `scaf_reduce'. So that they actually subtract the right thing. Obvious blunder. The big surprise is that none of the literally thousands of Ed25519 tests which have hammered on that code caught it. (Found during development of Ed448, coming later.) --- math/scaf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/math/scaf.c b/math/scaf.c index 778e5e34..84ef3de8 100644 --- a/math/scaf.c +++ b/math/scaf.c @@ -269,7 +269,7 @@ void scaf_reduce(scaf_piece *z, const scaf_dblpiece *x, u += z[j] + (l[j] ^ m); t[j] = u&m; u >>= piecewd; } - for (j = 0, u = -u; j < npiece; j++) z[i] = (t[i]&u) | (z[i]&~u); + for (j = 0, u = -u; j < npiece; j++) z[j] = (t[j]&u) | (z[j]&~u); } } -- 2.11.0
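Review bot: The corrected select on the `+` line (`z[j] = (t[j]&u) | (z[j]&~u)`) still has no test that reaches it: the diffstat touches only math/scaf.c, and the description itself says the existing Ed25519 tests never noticed that the old `z[i]`/`t[i]` form was not indexed by `j`. A direct `scaf_reduce` vector whose intermediate value is still at least `l` when this loop runs, asserting that every output piece equals the fully reduced value (result strictly below `l`), would pin the fix and stop a non-canonical scalar from reaching signing or verification code unnoticed. The line also deserves a comment, e.g. `/* u = -u is all-ones iff z >= l (carry out of z + ~l + 1); select t = z - l with no data-dependent branch */`, so that what looks like a deliberately branch-free select is not later rewritten as an `if`. The body of `scaf_reduce` begins outside this hunk, so the initial value of `u` and the meaning of `m` are inferred from the visible context lines rather than confirmed.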