author: Samuel Neves <sneves@dei.uc.pt> 2018-07-28 05:31:10 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2018-07-28 14:47:25 +0200
commit: 2ff62d8431b18db111c126dd2ef26e5417da1c62 (patch)
tree: 4395434f107a203e4d21f2f3d99c525147c37cc4 /src/crypto/curve25519.c
parent: 7570a39724d19180ca1c62e4c960e1c19fa0756f (diff)
curve25519-x86_64: tighten the x25519 assembly
The wide multiplication by 38 in mul_a24_eltfp25519_1w is redundant: (2^256-1) * 121666 / 2^256 is at most 121665, and therefore a 64-bit multiplication can never overflow. Change inspired by Andy Polyakov's OpenSSL implementation.

Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src/crypto/curve25519.c')
0 files changed, 0 insertions, 0 deletions
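The bound in the commit message, worked through on a four-limb model of the a24 multiplication (an added example, not the WireGuard assembly or any code from this commit): the carry out of the 256-bit product is at most 121665, so folding it back with 2^256 = 38 (mod p) needs only a single 64-bit multiply. Limb layout, function names and the random check are this example's own assumptions.

```python
import random

MASK64 = (1 << 64) - 1
P = (1 << 255) - 19          # the Curve25519 field prime
A24 = 121666                  # X25519 constant (486662 + 2) / 4

def to_limbs(x):
    """Split a 256-bit integer into four little-endian 64-bit limbs."""
    return [(x >> (64 * i)) & MASK64 for i in range(4)]

def from_limbs(limbs):
    return sum(l << (64 * i) for i, l in enumerate(limbs))

def mul_a24_limbs(limbs):
    """Multiply a 4-limb value by 121666 and fold the 2^256 carry-out
    back in using 2^256 = 38 (mod p). Returns (result limbs, carry_out)."""
    out, carry = [], 0
    for limb in limbs:
        prod = limb * A24 + carry     # 64-bit x 17-bit product plus a small carry
        out.append(prod & MASK64)
        carry = prod >> 64            # at most 121665, the bound from the commit
    fold = carry * 38                 # < 2^23, so a plain 64-bit multiply suffices
    for i in range(4):                # ripple the fold through the limbs (add/adc)
        s = out[i] + fold
        out[i], fold = s & MASK64, s >> 64
    # A final carry is 0 or 1; the limbs are then tiny, so adding 38 cannot wrap.
    out[0] += fold * 38
    return out, carry

def max_carry():
    """Carry-out for the largest 256-bit input: (2^256 - 1) * 121666 >> 256."""
    return mul_a24_limbs(to_limbs((1 << 256) - 1))[1]

def check_random(trials=1000, seed=1):
    """Constructed check: limb result equals x * 121666 mod p for random x,
    and the carry never exceeds the 121665 bound."""
    rng = random.Random(seed)
    for _ in range(trials):
        x = rng.getrandbits(256)
        out, carry = mul_a24_limbs(to_limbs(x))
        if carry > 121665 or from_limbs(out) % P != (x * A24) % P:
            return False
    return True
```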