From 3a9e7d47e8c0d8b5cc172d48c44afdeed6414429 Mon Sep 17 00:00:00 2001
From: Florian Dold <florian@dold.me>
Date: Mon, 18 Oct 2021 20:24:30 +0200
Subject: do bit twiddling correctly, it's little-endian

---
 doc/sphinx/cryptography.rst         | 5 +++--
 doc/system-documentation/design.tex | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

(limited to 'doc')

diff --git a/doc/sphinx/cryptography.rst b/doc/sphinx/cryptography.rst
index 406732a..194b311 100644
--- a/doc/sphinx/cryptography.rst
+++ b/doc/sphinx/cryptography.rst
@@ -132,8 +132,9 @@ HKDF to ensure that the result differs from other cases where we hash
 
 .. code-block:: c
 
-   digest[0] = (digest[0] & 0x7f) | 0x40;
-   digest[31] &= 0xf8;
+  digest[0] &= 0xf8;
+  digest[31] &= 0x7f;
+  digest[31] |= 0x40;
 
 **eddsa_priv**: The generated EdDSA private key.
 
diff --git a/doc/system-documentation/design.tex b/doc/system-documentation/design.tex
index 650beb1..0883e7a 100644
--- a/doc/system-documentation/design.tex
+++ b/doc/system-documentation/design.tex
@@ -373,8 +373,9 @@ eddsa_keys_create (kdf_id, salt, keysize)
 \end{description}
 
 \begin{lstlisting}
-digest[0] = (digest[0] & 0x7f) | 0x40;
-digest[31] &= 0xf8;
+digest[0] &= 0xf8;
+digest[31] &= 0x7f;
+digest[31] |= 0x40;
 \end{lstlisting}
 
 \begin{description}
-- 
cgit v1.2.3