From a447d2a4e8e1b773b9a89d608e16a83cc772891a Mon Sep 17 00:00:00 2001
From: Loup Vaillant <loup@loup-vaillant.fr>
Date: Sun, 8 Nov 2020 00:22:09 +0100
Subject: [PATCH] Tests: fixed tweak coverage for Elligator.

Shifting the index by 6 caused a reuse of one bit, leading to 4
different configurations instead of 8.
Shifting by 5 means we are using the 3 least significant bits of the
index, as was always intended.
---
 tests/test.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/test.c b/tests/test.c
index a241157..5099634 100644
--- a/tests/test.c
+++ b/tests/test.c
@@ -975,7 +975,7 @@ static int p_elligator_x25519()
 
         // Maximise tweak diversity.
         // We want to set the bits 1 (sign) and 6-7 (padding)
-        u8 tweak = (u8)((i & 1) + (i << 6));
+        u8 tweak = (u8)((i & 1) + (i << 5));
         u8 r[32];
         if (crypto_curve_to_hidden(r, pkf, tweak)) {
             continue; // retry untill success (doesn't increment the tweak)
-- 
2.47.3