projects / BearSSL / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Improved modular exponentiation (automatic window optimisation if there is enough...
[BearSSL] / src / int / i31_montmul.c
diff --git a/src/int/i31_montmul.c b/src/int/i31_montmul.c
index 0857797..b953aa3 100644 (file)
--- a/src/int/i31_montmul.c
+++ b/src/int/i31_montmul.c
@@ -41,7 +41,7 @@ br_i31_montymul(uint32_t *d, const uint32_t *x, const uint32_t *y,
                uint64_t r, zh;
 
                xu = x[u + 1];
-               f = ((d[1] + x[u + 1] * y[1]) * m0i) & 0x7FFFFFFF;
+               f = MUL31_lo((d[1] + MUL31_lo(x[u + 1], y[1])), m0i);
 
                r = 0;
                for (v = 0; v < len4; v += 4) {
The BearSSL library and tools.