The branch master has been updated
via eb8e052c4b43551f205b328e3a6568309c9e042e (commit)
from a9b7a06ed8e6d70bf7caa778838d7a869a17db78 (commit)
- Log -----------------------------------------------------------------
commit eb8e052c4b43551f205b328e3a6568309c9e042e
Author: Kunxian Xia <[email protected]>
Date: Mon Apr 9 08:38:51 2018 -0400
Correct the equation for Y' in the comment of point_double function
CLA: trivial
Reviewed-by: Matt Caswell <[email protected]>
Reviewed-by: Rich Salz <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/5908)
-----------------------------------------------------------------------
Summary of changes:
crypto/ec/ecp_nistp224.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c
index 346f84d..5b8da3f 100644
--- a/crypto/ec/ecp_nistp224.c
+++ b/crypto/ec/ecp_nistp224.c
@@ -813,7 +813,7 @@ static void copy_conditional(felem out, const felem in,
limb icopy)
* Double an elliptic curve point:
* (X', Y', Z') = 2 * (X, Y, Z), where
* X' = (3 * (X - Z^2) * (X + Z^2))^2 - 8 * X * Y^2
- * Y' = 3 * (X - Z^2) * (X + Z^2) * (4 * X * Y^2 - X') - 8 * Y^2
+ * Y' = 3 * (X - Z^2) * (X + Z^2) * (4 * X * Y^2 - X') - 8 * Y^4
* Z' = (Y + Z)^2 - Y^2 - Z^2 = 2 * Y * Z
* Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed,
* while x_out == y_in is not (maybe this works, but it's not tested).
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
