curve25519-x86_64: tighten reductions modulo 2^256-38 - wireguard-monolithic-historical - Historical monolithic WireGuard repository, split into wireguard-tools, wireguard-linux, and wireguard-linux-compat.

diff options

author	Samuel Neves <sneves@dei.uc.pt>	2018-07-28 07:23:07 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2018-07-28 14:51:19 +0200
commit	cd55f52764b5e671dbe7e109825a77e64b8f78f2 (patch)
tree	97d019c0eed16cadcb11e33e836dc4814757bae2 /src/selftest
parent	curve25519-x86_64: simplify the final reduction by adding 19 beforehand (diff)
download	wireguard-monolithic-historical-cd55f52764b5e671dbe7e109825a77e64b8f78f2.tar.xz wireguard-monolithic-historical-cd55f52764b5e671dbe7e109825a77e64b8f78f2.zip

curve25519-x86_64: tighten reductions modulo 2^256-38

At this stage the value if C[4] is at most ((2^256-1) + 38*(2^256-1)) / 2^256 = 38, so there is no need to use a wide multiplication. Change inspired by Andy Polyakov's OpenSSL implementation. Signed-off-by: Samuel Neves <sneves@dei.uc.pt>

Diffstat (limited to 'src/selftest')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: