Commit 5ab69633b7
Changed files (2)
lib/std/crypto/25519/curve25519.zig
@@ -43,28 +43,21 @@ pub const Curve25519 = struct {
var swap: u8 = 0;
var pos: usize = bits - 1;
while (true) : (pos -= 1) {
- const b = (s[pos >> 3] >> @truncate(u3, pos)) & 1;
- swap ^= b;
+ const bit = (s[pos >> 3] >> @truncate(u3, pos)) & 1;
+ swap ^= bit;
Fe.cSwap2(&x2, &x3, &z2, &z3, swap);
- swap = b;
- var tmp0 = x3.sub(z3);
- var tmp1 = x2.sub(z2);
- x2 = x2.add(z2);
- z2 = x3.add(z3);
- z3 = tmp0.mul(x2);
- z2 = z2.mul(tmp1);
- tmp0 = tmp1.sq();
- tmp1 = x2.sq();
- x3 = z3.add(z2);
- z2 = z3.sub(z2);
- x2 = tmp1.mul(tmp0);
- tmp1 = tmp1.sub(tmp0);
- z2 = z2.sq();
- z3 = tmp1.mul32(121666);
- x3 = x3.sq();
- tmp0 = tmp0.add(z3);
- z3 = x1.mul(z2);
- z2 = tmp1.mul(tmp0);
+ swap = bit;
+ const a = x2.add(z2);
+ const b = x2.sub(z2);
+ const aa = a.sq();
+ const bb = b.sq();
+ x2 = aa.mul(bb);
+ const e = aa.sub(bb);
+ const da = x3.sub(z3).mul(a);
+ const cb = x3.add(z3).mul(b);
+ x3 = da.add(cb).sq();
+ z3 = x1.mul(da.sub(cb).sq());
+ z2 = e.mul(bb.add(e.mul32(121666)));
if (pos == 0) break;
}
Fe.cSwap2(&x2, &x3, &z2, &z3, swap);
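Review bot: The rewritten ladder step names its intermediates after RFC 7748 §5 (`a`, `aa`, `b`, `bb`, `e`, `da`, `cb`), but the final line `z2 = e.mul(bb.add(e.mul32(121666)));` uses the ref10/libsodium form rather than the RFC's `z_2 = E * (AA + a24 * E)` with a24 = 121665, which will look like a transcription error to anyone checking against the spec. A one-line comment above it would save the derivation: `// RFC 7748: E*(AA + 121665*E); since AA = BB + E this equals E*(BB + 121666*E).` The ladder's constant-time behaviour rests on `Fe.cSwap2` being branch-free on `swap` (always 0 or 1 here) and on `bits` being fixed independent of the scalar value; both are defined outside this hunk, and the enclosing function starts above it, so worth confirming they still hold after the restructuring.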
lib/std/crypto/25519/edwards25519.zig
@@ -130,8 +130,8 @@ pub const Edwards25519 = struct {
var pos: usize = 252;
while (true) : (pos -= 4) {
q = q.dbl().dbl().dbl().dbl();
- const b = (s[pos >> 3] >> @truncate(u3, pos)) & 0xf;
- q = q.add(pcSelect(pc, b));
+ const bit = (s[pos >> 3] >> @truncate(u3, pos)) & 0xf;
+ q = q.add(pcSelect(pc, bit));
if (pos == 0) break;
}
try q.rejectIdentity();
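Review bot: The renamed local in `const bit = (s[pos >> 3] >> @truncate(u3, pos)) & 0xf;` holds a 4-bit window of the scalar, not a single bit, so the new name is misleading next to the `& 0xf` mask and the `pos -= 4` stride; `window` or `nibble` would describe it accurately, e.g. `const window = ...; q = q.add(pcSelect(pc, window));`. Since this loop is a fixed-window scalar multiplication, its secrecy depends on `pcSelect` indexing the precomputed table without scalar-dependent branches or memory access; `pcSelect` and `pc` are defined outside this hunk, and the enclosing function starts above it, so I cannot confirm that here, but a comment on the loop stating that requirement would help future maintainers.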