
Commit 33e7db2

committed
Fix the naming of sqrtMinusA.
It was never sqrt(-A), it was sqrt(-(A+2)), and it wasn't the minimal root either.
1 parent 278e1ec commit 33e7db2


1 file changed

+4
-4
lines changed


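--- a/extra25519/extra25519.go
+++ b/extra25519/extra25519.go
@@ -55,9 +55,9 @@ func PublicKeyToCurve25519(curve25519Public *[32]byte, publicKey *[32]byte) bool
 return true
 }
 
-// sqrtMinusA is sqrt(-486662)
-var sqrtMinusA = edwards25519.FieldElement{
-12222970, 8312128, 11511410, -9067497, 15300785, 241793, -25456130, -14121551, 12187136, -3972024,
+// sqrtMinusAPlus2 is sqrt(-(486662+2))
+var sqrtMinusAPlus2 = edwards25519.FieldElement{
+-12222970, -8312128, -11511410, 9067497, -15300785, -241793, 25456130, 14121551, -12187136, 3972024,
 }
 
 // sqrtMinusHalf is sqrt(-1/2)
@@ -114,7 +114,7 @@ func ScalarBaseMult(publicKey, representative, privateKey *[32]byte) bool {
 var v edwards25519.FieldElement
 edwards25519.FeMul(&v, &t0, &inv1)
 edwards25519.FeMul(&v, &v, &A.Z)
-edwards25519.FeMul(&v, &v, &sqrtMinusA)
+edwards25519.FeMul(&v, &v, &sqrtMinusAPlus2)
 
 var b edwards25519.FieldElement
 edwards25519.FeAdd(&b, &u, &edwards25519.A)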
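Review bot: The new `sqrtMinusAPlus2` constant in the first hunk is not just renamed, every limb is negated, and its comment `// sqrtMinusAPlus2 is sqrt(-(486662+2))` does not say which of the two square roots is stored. The second hunk multiplies `v` by this value in ScalarBaseMult (whose body starts and ends outside the hunk), so the sign of `v` flips for the same private key, and anything later in the function that depends on that sign presumably changes with it. I would record the choice in the comment, e.g. `// sqrtMinusAPlus2 is sqrt(-(486662+2)); the sign of this root fixes the sign of v in ScalarBaseMult.`, and say explicitly whether it is the minimal root the commit message refers to. Since only this one file changes, a test that squares the constant with `edwards25519.FeMul` and compares it to -(A+2), together with a known-answer vector for ScalarBaseMult, would pin the value against a future sign slip.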
