projects / BearSSL / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 431629d)
Cosmetic fix (value did not conform to its announced bit length, but this did not...
authorThomas Pornin <pornin@bolet.org>
Thu, 18 Oct 2018 15:51:10 +0000 (17:51 +0200)
committerThomas Pornin <pornin@bolet.org>
Thu, 18 Oct 2018 15:51:10 +0000 (17:51 +0200)
src/ec/ec_c25519_i31.c patch | blob | history

diff --git a/src/ec/ec_c25519_i31.c b/src/ec/ec_c25519_i31.c
index aa88dd6..d030c50 100644 (file)
--- a/src/ec/ec_c25519_i31.c
+++ b/src/ec/ec_c25519_i31.c
@@ -214,7 +214,7 @@ api_mul(unsigned char *G, size_t Glen,
         *    br_i31_decode_reduce(a, G, 32, C255_P);
         */
        br_i31_zero(b, 0x108);
         *    br_i31_decode_reduce(a, G, 32, C255_P);
         */
        br_i31_zero(b, 0x108);
-       b[9] = 0x0100;
+       b[9] = 0x0080;
        br_i31_decode_mod(a, G, 32, b);
        a[0] = 0x107;
        br_i31_sub(a, C255_P, NOT(br_i31_sub(a, C255_P, 0)));
        br_i31_decode_mod(a, G, 32, b);
        a[0] = 0x107;
        br_i31_sub(a, C255_P, NOT(br_i31_sub(a, C255_P, 0)));
The BearSSL library and tools.