commit 3abe464b06ab7d75954abda18dc41bf7af4a3839 (tree)
parent 4266795743d86efc763ecadbc155d068ca1ec45a
Author: Frank Denis <github@pureftpd.org>
Date: Mon, 27 Dec 2021 18:29:25 +0100
crypto/edwards25519: faster point decompression
Make recovery of the x-coordinate slightly faster.
See https://mailarchive.ietf.org/arch/msg/cfrg/qlKpMBqxXZYmDpXXIx6LO3Oznv4/
for details.
Diffstat:
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/std/crypto/25519/edwards25519.zig b/lib/std/crypto/25519/edwards25519.zig
@@ -34,8 +34,7 @@ pub const Edwards25519 = struct {
var v = u.mul(Fe.edwards25519d);
u = u.sub(z);
v = v.add(z);
- const v3 = v.sq().mul(v);
- var x = v3.sq().mul(v).mul(u).pow2523().mul(v3).mul(u);
+ var x = u.mul(v).pow2523().mul(u);
const vxx = x.sq().mul(v);
const has_m_root = vxx.sub(u).isZero();
const has_p_root = vxx.add(u).isZero();
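Review bot: The new line `var x = u.mul(v).pow2523().mul(u);` drops the textbook v^3 / v^7 factors of the formula it replaces without any comment, so the next reader will take it for a typo; the justification is that with pow2523 raising to (p-5)/8, x = u·(uv)^((p-5)/8) gives v·x² = u·(uv)^((p-1)/4), and (uv)^((p-1)/4) is a fourth root of unity, so v·x² is ±u or ±√-1·u — exactly the cases `has_m_root` / `has_p_root` and the √-1 correction and rejection after the hunk already distinguish. I would put that in a comment above the assignment, e.g. `// x = u * (u*v)^((p-5)/8) gives v*x^2 = u * (u*v)^((p-1)/4), i.e. u times a 4th root of unity; the root checks below fix the sign (or reject), so the usual u*v^3 and v^7 factors are unnecessary (see the CFRG thread in the commit message).` Note that the intermediate x can differ from the old formula's by a fourth root of unity (their ratio is v^(3(p-1)/4)), so the final result is identical only because the sign/√-1 fix-ups after the hunk run in both cases; it would be worth confirming the existing decompression test vectors, including non-square-y rejects, exercise this path. The enclosing function starts before and ends after the hunk.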