From 380809db0f6f53f56b1d17908f046ce5a85df167 Mon Sep 17 00:00:00 2001
From: Andreas Auernhammer <aead@mail.de>
Date: Sun, 2 Oct 2016 09:45:08 +0200
Subject: [PATCH] poly1305: fix bug in amd64 assembly

Add the conditional subtraction of 3 from 'h2' (register R10).

Change-Id: I75615b0375f050a5cd97b968075c2992ccd1dee7
Reviewed-on: https://go-review.googlesource.com/30101
Reviewed-by: Adam Langley <agl@golang.org>
---
 poly1305/poly1305_amd64.s | 1 +
 1 file changed, 1 insertion(+)

diff --git a/poly1305/poly1305_amd64.s b/poly1305/poly1305_amd64.s
index 523f5b9..431c432 100644
--- a/poly1305/poly1305_amd64.s
+++ b/poly1305/poly1305_amd64.s
@@ -121,6 +121,7 @@ done:
 	MOVQ    R9, BX
 	SUBQ    $0xFFFFFFFFFFFFFFFB, AX
 	SBBQ    $0xFFFFFFFFFFFFFFFF, BX
+	SBBQ    $3, R10
 	CMOVQCS R8, AX
 	CMOVQCS R9, BX
 	ADDQ    16(SP), AX