From 5eed910c1156747c8475e20ccaee4a2bce2230e2 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Sun, 30 Oct 2016 01:13:22 +0200
Subject: [PATCH] Cast the scalar instead of the coefficient

---
 .../curve25519/donna_c64/curve25519_donna_c64.c        | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/libsodium/crypto_scalarmult/curve25519/donna_c64/curve25519_donna_c64.c b/src/libsodium/crypto_scalarmult/curve25519/donna_c64/curve25519_donna_c64.c
index 7b39a113..22f3bf55 100644
--- a/src/libsodium/crypto_scalarmult/curve25519/donna_c64/curve25519_donna_c64.c
+++ b/src/libsodium/crypto_scalarmult/curve25519/donna_c64/curve25519_donna_c64.c
@@ -71,19 +71,19 @@ static inline void
 fscalar_product(felem output, const felem in, const limb scalar) {
   uint128_t a;
 
-  a = ((uint128_t) in[0]) * scalar;
+  a = in[0] * (uint128_t) scalar;
   output[0] = ((limb)a) & 0x7ffffffffffff;
 
-  a = ((uint128_t) in[1]) * scalar + ((limb) (a >> 51));
+  a = in[1] * (uint128_t) scalar + ((limb) (a >> 51));
   output[1] = ((limb)a) & 0x7ffffffffffff;
 
-  a = ((uint128_t) in[2]) * scalar + ((limb) (a >> 51));
+  a = in[2] * (uint128_t) scalar + ((limb) (a >> 51));
   output[2] = ((limb)a) & 0x7ffffffffffff;
 
-  a = ((uint128_t) in[3]) * scalar + ((limb) (a >> 51));
+  a = in[3] * (uint128_t) scalar + ((limb) (a >> 51));
   output[3] = ((limb)a) & 0x7ffffffffffff;
 
-  a = ((uint128_t) in[4]) * scalar + ((limb) (a >> 51));
+  a = in[4] * (uint128_t) scalar + ((limb) (a >> 51));
   output[4] = ((limb)a) & 0x7ffffffffffff;
 
   output[0] += (a >> 51) * 19;