From e1f39a3ad020e9992750a8a76064453ee2585939 Mon Sep 17 00:00:00 2001
From: armfazh <armfazh@cloudflare.com>
Date: Mon, 4 Nov 2019 10:33:29 -0800
Subject: [PATCH] Allows Double to use same operand for input and output.

---
 curve.go | 6 +++---
 twist.go | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/curve.go b/curve.go
index 294528f..0065f72 100644
--- a/curve.go
+++ b/curve.go
@@ -171,15 +171,15 @@ func (c *curvePoint) Double(a *curvePoint) {
 	gfpAdd(t, d, d)
 	gfpSub(&c.x, f, t)
 
+	gfpMul(&c.z, &a.y, &a.z)
+	gfpAdd(&c.z, &c.z, &c.z)
+
 	gfpAdd(t, C, C)
 	gfpAdd(t2, t, t)
 	gfpAdd(t, t2, t2)
 	gfpSub(&c.y, d, &c.x)
 	gfpMul(t2, e, &c.y)
 	gfpSub(&c.y, t2, t)
-
-	gfpMul(t, &a.y, &a.z)
-	gfpAdd(&c.z, t, t)
 }
 
 func (c *curvePoint) Mul(a *curvePoint, scalar *big.Int) {
diff --git a/twist.go b/twist.go
index 65542fd..18d18d1 100644
--- a/twist.go
+++ b/twist.go
@@ -145,15 +145,15 @@ func (c *twistPoint) Double(a *twistPoint) {
 	t.Add(d, d)
 	c.x.Sub(f, t)
 
+	c.z.Mul(&a.y, &a.z)
+	c.z.Add(&c.z, &c.z)
+
 	t.Add(C, C)
 	t2.Add(t, t)
 	t.Add(t2, t2)
 	c.y.Sub(d, &c.x)
 	t2.Mul(e, &c.y)
 	c.y.Sub(t2, t)
-
-	t.Mul(&a.y, &a.z)
-	c.z.Add(t, t)
 }
 
 func (c *twistPoint) Mul(a *twistPoint, scalar *big.Int) {