From 3d97b5576cd274b38b6a4123e78227cc174506a6 Mon Sep 17 00:00:00 2001
From: Loup Vaillant <loup@loup-vaillant.fr>
Date: Mon, 23 Mar 2020 16:36:27 +0100
Subject: [PATCH] Elligator script: alternate way to co-clear

---
 tests/gen/elligator_scalarmult.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/gen/elligator_scalarmult.py b/tests/gen/elligator_scalarmult.py
index 24f4543..2ee0860 100644
--- a/tests/gen/elligator_scalarmult.py
+++ b/tests/gen/elligator_scalarmult.py
@@ -184,13 +184,13 @@ order = 2**252 + 27742317777372353535851937790883648493
 
 # Single scalar multiplication (in Edwards space)
 def scalarmult1(scalar, cofactor):
-    co_cleared = cofactor * (5 * order)  # cleared main factor
+    co_cleared = ((cofactor * 5) % 8) * order  # cleared main factor
     combined   = trim(scalar) + co_cleared
     return from_edwards(ed_scalarmult(ed_base, combined))
 
 # Single scalar multiplication (in Montgomery space)
 def scalarmult2(scalar, cofactor):
-    co_cleared = cofactor * (5 * order) # cleared main factor
+    co_cleared = ((cofactor * 5) % 8) * order  # cleared main factor
     combined   = trim(scalar) + co_cleared
     return mt_scalarmult(mt_base, combined)
 
-- 
2.47.3