From a7e2ce5144f6b964a5f4cf3364a9c91c761919f5 Mon Sep 17 00:00:00 2001
From: Loup Vaillant
Date: Tue, 30 Jul 2019 00:30:22 +0200
Subject: [PATCH] Moved trim_scalar() and scalar_bits() up a slot

Those functions are used for both X25519 and EdDSA. Moving them up one section makes it easier for user to delete the X-25519 section without affecting EdDSA. (Overall, Monocypher should let users delete the code they don't need. This wasn't an explicit goal initially, but the code naturally turned out that way. Supporting this use case cost us nothing.)
---
 src/monocypher.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/monocypher.c b/src/monocypher.c
index ee36c77..c44e2ef 100644
--- a/src/monocypher.c
+++ b/src/monocypher.c
@@ -1276,10 +1276,6 @@ static int fe_isnonzero(const fe f)
 return isnonzero;
 }
 
-///////////////
-/// X-25519 /// Taken from Supercop's ref10 implementation.
-///////////////
-
 static void trim_scalar(u8 s[32])
 {
 s[ 0] &= 248;
@@ -1289,6 +1285,10 @@ static void trim_scalar(u8 s[32])
 
 static int scalar_bit(const u8 s[32], size_t i) {return (s[i>>3] >> (i&7)) & 1;}
 
+///////////////
+/// X-25519 /// Taken from Supercop's ref10 implementation.
+///////////////
+
 int crypto_x25519(u8 raw_shared_secret[32],
 const u8 your_secret_key [32],
 const u8 their_public_key [32])
-- 
2.47.3
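Review bot: After the move, `trim_scalar()` in the first hunk and `scalar_bit()` in the second carry no comment saying that both X25519 and EdDSA depend on them; that rationale exists only in the commit message, and the section banner that now precedes them is not visible here. Since the stated goal is to let users delete the X-25519 section safely, I would add a line above `trim_scalar()` such as `// Scalar helpers shared by X25519 and EdDSA: keep them if you remove the X-25519 section.` If the ref10 attribution in the moved banner was also meant to cover these two helpers, it should be repeated next to them, which cannot be judged from the hunks. The body of `trim_scalar()` continues outside the first hunk.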