diff --git a/strobe/x25519.c b/strobe/x25519.c
index a751083..2e6c239 100644
--- a/strobe/x25519.c
+++ b/strobe/x25519.c
@@ -91,12 +91,12 @@ static void add(fe out, const fe a, const fe b) {
 static void sub(fe out, const fe a, const fe b) {
 unsigned i;
- sdlimb_t carry = -38;
+ sdlimb_t carry = -76;
 for (i=0; i>= X25519_WBITS;
 }
- propagate(out,1+carry);
+ propagate(out,2+carry);
 }
 static void __attribute__((unused))
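Review bot: The new constants in `sub`, `carry = -76` and `propagate(out,2+carry)`, are coupled magic numbers with no comment, and getting either one wrong yields a field subtraction that is incorrect only for rare operand values. If `propagate`'s second argument is the word above the top limb (its body is not in this hunk), the pair adds 2·2^256 − 76 = 4·(2^255 − 19), a bias of 4p where the old pair gave 2p. I would record that above the initialiser, e.g. `/* bias by 4p = 2*2^256 - 76 so a-b cannot go negative; -76 and the 2 passed to propagate() must change together */`, and state which input bound on `b` the larger bias is meant to cover. Because this class of carry bug rarely shows up under random test vectors, a regression test with operands at that bound would be worth adding alongside the fix. The loop line between the two changes is truncated on this page, so the loop body itself is not reviewed here.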