ecc-eh-to-a, eddsa-sign: Parameterize hard-coded value

This allows the same code to be reused in curve448 and Ed448. Signed-off-by: Daiki Ueno <dueno@redhat.com>
author: Daiki Ueno <dueno@redhat.com> 2017-08-05 09:43:47 +0200
committer: Niels Möller <nisse@lysator.liu.se> 2017-09-23 11:07:59 +0200
commit: 6cf6abd68eb3d6c8c8e5ab217be734f9c537037f (patch)
tree: 61182877b7a75ddcfe2e917e8f88994fb38fe6e3 /ecc-eh-to-a.c
parent: 49181d3f9df4ab35d3372d7e7ca6388c282c8101 (diff)
download: nettle-6cf6abd68eb3d6c8c8e5ab217be734f9c537037f.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/ecc-eh-to-a.c b/ecc-eh-to-a.c
index 2acaacb1..b9d412d2 100644
--- a/ecc-eh-to-a.c
+++ b/ecc-eh-to-a.c
@@ -73,7 +73,7 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
 	     at all? Full reduction mod p is maybe sufficient. */
 	  unsigned shift;
 	  assert (ecc->p.bit_size == 255);
-	  shift = 252 - GMP_NUMB_BITS * (ecc->p.size - 1);
+	  shift = ecc->q.bit_size - 1 - GMP_NUMB_BITS * (ecc->p.size - 1);
 	  cy = mpn_submul_1 (r, ecc->q.m, ecc->p.size,
 			     r[ecc->p.size-1] >> shift);
 	  assert (cy < 2);
author	Daiki Ueno <dueno@redhat.com>	2017-08-05 09:43:47 +0200
committer	Niels Möller <nisse@lysator.liu.se>	2017-09-23 11:07:59 +0200
commit	6cf6abd68eb3d6c8c8e5ab217be734f9c537037f (patch)
tree	61182877b7a75ddcfe2e917e8f88994fb38fe6e3 /ecc-eh-to-a.c
parent	49181d3f9df4ab35d3372d7e7ca6388c282c8101 (diff)
download	nettle-6cf6abd68eb3d6c8c8e5ab217be734f9c537037f.tar.gz