bnb-chain / tss-lib

Threshold Signature Scheme, for ECDSA and EDDSA
MIT License

[Audit] RejectionSample superfluous loop condition #52

Closed AnomalRoil closed 5 years ago

AnomalRoil commented 5 years ago

Here the `for` loop depends on the condition `zero.Cmp(q) == -1`, however neither `q` nor `zero` are modified inside the loop, so this check can be moved out of the loop:

```go
func RejectionSample(q *big.Int, eHash *big.Int) *big.Int { // e' = eHash
    qBits := q.BitLen()
    // e = the first |q| bits of e'
    e := firstBitsOf(qBits, eHash)
    // while e is not between 0-q
    for !(e.Cmp(q) == -1 && zero.Cmp(q) == -1) {
        eHash := SHA512_256i(eHash)
        e = firstBitsOf(qBits, eHash)
    }
    return e
}
```
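An added example, not part of the original issue or the tss-lib code base: one way the hoisting suggested above can look, with the invariant `0 < q` tested once before the loop. `hashInt`, `topBits`, `digestBits` and the error returned for `q <= 0` are assumptions made for this example; they stand in for the project's `SHA512_256i` and `firstBitsOf`, whose bodies are not shown on the page.

```go
package main

import (
	"crypto/sha512"
	"errors"
	"fmt"
	"math/big"
)

const digestBits = 256 // assumption: eHash is a SHA-512/256 digest read as an integer

// hashInt is a hypothetical stand-in for the project's SHA512_256i helper.
func hashInt(x *big.Int) *big.Int {
	sum := sha512.Sum512_256(x.Bytes())
	return new(big.Int).SetBytes(sum[:])
}

// topBits is a hypothetical stand-in for firstBitsOf: the n leading bits of a digestBits-wide value.
func topBits(n int, x *big.Int) *big.Int {
	if n >= digestBits {
		return new(big.Int).Set(x)
	}
	return new(big.Int).Rsh(x, uint(digestBits-n))
}

// RejectionSampleHoisted tests the loop-invariant 0 < q once, before the loop.
// Returning an error for q <= 0 is a choice made for this example.
func RejectionSampleHoisted(q, eHash *big.Int) (*big.Int, error) {
	if q.Sign() <= 0 {
		return nil, errors.New("rejection sample: q must be positive")
	}
	qBits := q.BitLen()
	h := new(big.Int).Set(eHash) // work on a copy; the caller's eHash is not modified
	e := topBits(qBits, h)
	// Only e changes per iteration, so only e is tested here.
	for e.Sign() < 0 || e.Cmp(q) >= 0 {
		h = hashInt(h) // plain assignment: the next round hashes the new digest
		e = topBits(qBits, h)
	}
	return e, nil
}

func main() {
	seed := new(big.Int).Lsh(big.NewInt(7), 253) // constructed input, leading bits 111
	fmt.Println(RejectionSampleHoisted(big.NewInt(5), seed))
	fmt.Println(RejectionSampleHoisted(big.NewInt(0), seed))
}
```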