From f67c3f36b9c4a2ab90bf7cf1380ecdb58528a133 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Wed, 28 Mar 2012 22:57:16 +0200
Subject: Use the same key sanitization as Curve25519

---
 src/ec25519_secret.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/ec25519_secret.c b/src/ec25519_secret.c
index 9108613..7f3d987 100644
--- a/src/ec25519_secret.c
+++ b/src/ec25519_secret.c
@@ -176,12 +176,13 @@ void ecc_25519_secret_mult(ecc_secret_key_256 *out, const ecc_secret_key_256 *in
 	montgomery(out->s, R, C);
 }
 
-/* TODO implement properly, rule out zero etc. */
 void ecc_25519_secret_sanitize(ecc_secret_key_256 *out, const ecc_secret_key_256 *in) {
 	int i;
 
 	for (i = 0; i < 32; i++)
 		out->s[i] = in->s[i];
 
-	out->s[31] |= 0x80;
+	out->s[0] &= 0xf8;
+	out->s[31] &= 0x7f;
+	out->s[31] |= 0x40;
 }
-- 
cgit v1.2.3