From 80d935d9134855229100b9f985d655d6055ab9b5 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Tue, 21 Jan 2014 13:31:23 +0900
Subject: [PATCH] Fix for constant time (step 2)

---
 src/mod.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/mod.c b/src/mod.c
index 0d6bd17..d3c1ae2 100644
--- a/src/mod.c
+++ b/src/mod.c
@@ -116,11 +116,15 @@ mod_reduce (bn256 *X, const bn512 *A, const bn256 *B, const bn256 *MU_lower)
   q_big->word[8] -= tmp->word[8];
 
   carry = q_big->word[8];
-  while (carry)
-    {
-      borrow_next = bn256_sub (X, X, B);
-      carry -= borrow_next;
-    }
+  if (carry)
+    carry -= bn256_sub (X, X, B);
+  else
+    bn256_sub (q, X, B);
+
+  if (carry)
+    carry -= bn256_sub (X, X, B);
+  else
+    bn256_sub (q, X, B);
 
   borrow = bn256_sub (q, X, B);
   if (borrow)