math/scaf.c, etc.: Only need 3*NPIECE words of scratch space.

The extra one would have been necessary because we're calculating the
high half of a product of two (NPIECE + 1)-piece numbers, but in fact we
only need the low NPIECE pieces of the result.

Fix the commentary and the callers.

diff --git a/math/scaf.c b/math/scaf.c
index cb68ad97e68d27d5376febc2742df2b7c47a0e1f..59f9c6eed8981e11a5846ac494c04fd049af5dcf 100644 (file)
--- a/math/scaf.c
+++ b/math/scaf.c
@@ -205,7 +205,7 @@ void scaf_mul(scaf_dblpiece *z, const scaf_piece *x, const scaf_piece *y,
  *             @const scaf_piece *mu@ = scaled approximation to @1/l@
  *             @size_t npiece@ = number of pieces in @l@
  *             @unsigned piecewd@ = nominal width of a piece in bits
- *             @scaf_piece *scratch@ = @3*npiece + 1@ scratch pieces
+ *             @scaf_piece *scratch@ = @3*npiece@ scratch pieces
  *
  * Returns:    ---
  *

diff --git a/math/scaf.h b/math/scaf.h
index 2535a9c1048ce3ed1ed626a0f406eb8bea9529bb..3f0afc746b33019a34cdb684a1ba682434a19b8a 100644 (file)
--- a/math/scaf.h
+++ b/math/scaf.h
@@ -135,7 +135,7 @@ extern void scaf_mul(scaf_dblpiece */*z*/, const scaf_piece */*x*/,
  *             @const scaf_piece *mu@ = scaled approximation to @1/l@
  *             @size_t npiece@ = number of pieces in @l@
  *             @unsigned piecewd@ = nominal width of a piece in bits
- *             @scaf_piece *scratch@ = @3*npiece + 1@ scratch pieces
+ *             @scaf_piece *scratch@ = @3*npiece@ scratch pieces
  *
  * Returns:    ---
  *

diff --git a/pub/ed25519.c b/pub/ed25519.c
index 2dc11613cf7189d7322940ce59fb126d8d718ed2..f23c272aa75b626c4d29d11bd43145ff66144b94 100644 (file)
--- a/pub/ed25519.c
+++ b/pub/ed25519.c
@@ -319,7 +319,7 @@ void ed25519ctx_sign(octet sig[ED25519_SIGSZ],
                     const void *m, size_t msz)
 {
   sha512_ctx h;
-  scaf_piece a[NPIECE], r[NPIECE], t[NPIECE], scratch[3*NPIECE + 1];
+  scaf_piece a[NPIECE], r[NPIECE], t[NPIECE], scratch[3*NPIECE];
   scaf_dblpiece tt[2*NPIECE];
   f25519 RX, RY, RZ;
   octet h1[32], pb[PREFIX_BUFSZ], rb[SHA512_HASHSZ];
@@ -388,7 +388,7 @@ int ed25519ctx_verify(const octet K[ED25519_PUBSZ],
                      const octet sig[ED25519_SIGSZ])
 {
   sha512_ctx h;
-  scaf_piece s[NPIECE], t[NPIECE], scratch[3*NPIECE + 1];
+  scaf_piece s[NPIECE], t[NPIECE], scratch[3*NPIECE];
   scaf_dblpiece tt[2*NPIECE];
   f25519 AX, AY, AZ, RX, RY, RZ;
   octet b[PREFIX_BUFSZ];

diff --git a/pub/ed448.c b/pub/ed448.c
index a3a94214753b431db888293d6b590b3b0ba1c0ff..714987f480e2889eca9a6f6215ecdd8b68d4c480 100644 (file)
--- a/pub/ed448.c
+++ b/pub/ed448.c
@@ -317,7 +317,7 @@ void ed448_sign(octet sig[ED448_SIGSZ],
                const void *m, size_t msz)
 {
   shake_ctx h;
-  scaf_piece a[NPIECE], r[NPIECE], t[NPIECE], scratch[3*NPIECE + 1];
+  scaf_piece a[NPIECE], r[NPIECE], t[NPIECE], scratch[3*NPIECE];
   scaf_dblpiece tt[2*NPIECE];
   fgoldi RX, RY, RZ;
   octet h1[57], pb[PREFIX_BUFSZ], rb[114];
@@ -376,7 +376,7 @@ int ed448_verify(const octet K[ED448_PUBSZ],
                 const octet sig[ED448_SIGSZ])
 {
   shake_ctx h;
-  scaf_piece s[NPIECE], t[NPIECE], scratch[3*NPIECE + 1];
+  scaf_piece s[NPIECE], t[NPIECE], scratch[3*NPIECE];
   scaf_dblpiece tt[2*NPIECE];
   fgoldi AX, AY, AZ, RX, RY, RZ;
   octet b[PREFIX_BUFSZ];