mirror/zig
1
0
Fork 0
mirror of https://github.com/ziglang/zig.git synced 2026-02-12 20:37:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

std.crypto: handle the top bit in 25519.field.fromBytes64() (#9435)

Browse Source 
The only known use case for this is the hash-to-curve operation where the top bit is always cleared.

But the function is public, so let's make it work as one would expect in the general case.

Also fix the comment by the way.
This commit is contained in:
Frank Denis 2021-07-22 01:27:42 +02:00 committed by GitHub
parent 8d0671157c
commit 680fa880d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/std/crypto/25519/field.zig
View File

@ -93,7 +93,7 @@ pub const Fe = struct {
return s;
}
/// Map a 64-bit big endian string into a field element
/// Map a 64 bytes big endian string into a field element
pub fn fromBytes64(s: [64]u8) Fe {
var fl: [32]u8 = undefined;
var gl: [32]u8 = undefined;
@ -106,7 +106,7 @@ pub const Fe = struct {
gl[31] &= 0x7f;
var fe_f = fromBytes(fl);
const fe_g = fromBytes(gl);
fe_f.limbs[0] += (s[32] >> 7) * 19;
fe_f.limbs[0] += (s[32] >> 7) * 19 + @as(u10, s[0] >> 7) * 722;
i = 0;
while (i < 5) : (i += 1) {
fe_f.limbs[i] += 38 * fe_g.limbs[i];