Merge pull request #33 from cyberbit/feature/secure-modem

👌 patch ccryptolib.internal.fq
cyberbit · Nov 22, 2023 · de73c3d · de73c3d
2 parents 36c0b67 + b44560a
commit de73c3d
Showing 1 changed file with 12 additions and 5 deletions.
diff --git a/src/telem/vendor/ccryptolib/internal/fq.lua b/src/telem/vendor/ccryptolib/internal/fq.lua
@@ -73,19 +73,26 @@ local ZERO = mp.num(0)
 
 --- Reduces a number modulo q.
 --
+-- (patched for luamin by @cyberbit 20231121)
+--
 -- @tparam {number...} a A number a < 2q as 11 limbs in [0..2²⁵).
 -- @treturn {number...} a mod q as 11 limbs in [0..2²⁴).
 --
 local function reduce(a)
     local c = mp.sub(a, Q)
+    local result
 
     -- Return carry(a) if a < q.
-    if mp.approx(c) < 0 then return (mp.carry(a)) end
+    if mp.approx(c) < 0 then
+        result = mp.carry(a)
+    else
+        -- c >= q means c - q >= 0.
+        -- Since q < 2²⁸⁸, c < 2q means c - q < q < 2²⁸⁸.
+        -- c's limbs fit in (-2²⁶..2²⁶), since subtraction adds at most one bit.
+        result = mp.carry(c) -- cc < q implies that the carry number is 0.
+    end
 
-    -- c >= q means c - q >= 0.
-    -- Since q < 2²⁸⁸, c < 2q means c - q < q < 2²⁸⁸.
-    -- c's limbs fit in (-2²⁶..2²⁶), since subtraction adds at most one bit.
-    return (mp.carry(c)) -- cc < q implies that the carry number is 0.
+    return result
 end
 
 --- Adds two scalars mod q.