From 36eaaa748c02e43bc2692cbe95aa5e62e4d3b4c3 Mon Sep 17 00:00:00 2001
From: orignal <i2porignal@yandex.ru>
Date: Tue, 10 Dec 2019 13:40:04 -0500
Subject: [PATCH] handle case when encoded key is  (p-1)/2

---
 libi2pd/Elligator.cpp    |  2 +-
 tests/test-elligator.cpp | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/libi2pd/Elligator.cpp b/libi2pd/Elligator.cpp
index 9be0a610..9821afa1 100644
--- a/libi2pd/Elligator.cpp
+++ b/libi2pd/Elligator.cpp
@@ -100,7 +100,7 @@ namespace crypto
 
 		BIGNUM * r = BN_CTX_get (ctx); BN_bin2bn (encoded1, 32, r);
 
-		if (BN_cmp (r, p12) < 0) // r < (p-1)/2
+		if (BN_cmp (r, p12) <= 0) // r < (p-1)/2
 		{
 			// v = -A/(1+u*r^2)
 			BIGNUM * v = BN_CTX_get (ctx); BN_mod_sqr (v, r, p, ctx); 
diff --git a/tests/test-elligator.cpp b/tests/test-elligator.cpp
index ec9ccdbc..1647c349 100644
--- a/tests/test-elligator.cpp
+++ b/tests/test-elligator.cpp
@@ -40,6 +40,17 @@ const uint8_t key2[32] =
 	0xe5, 0x78, 0x2b, 0xe1, 0xe1, 0x14, 0x5c, 0xe2, 0xc3, 0xc6, 0xfd, 0xe1, 0x6d, 0xed, 0x53, 0x63
 };
 
+const uint8_t encoded3[32] =
+{
+	0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f
+};
+
+const uint8_t key3[32] = 
+{
+	0x9c, 0xdb, 0x52, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+	0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55
+};
 
 int main ()
 {
@@ -53,4 +64,6 @@ int main ()
 	assert(memcmp (buf, key1, 32) == 0);
 	el.Decode (encoded2, buf);
 	assert(memcmp (buf, key2, 32) == 0);
+	el.Decode (encoded3, buf);
+	assert(memcmp (buf, key3, 32) == 0);
 }