From f8bd1037cf8a5263daceb06f1dc563f04c54d0bb Mon Sep 17 00:00:00 2001
From: George Tankersley <george.tankersley@gmail.com>
Date: Fri, 7 Jul 2017 00:00:00 +0000
Subject: [PATCH] Use Bits() for FeToBig.

This doesn't help quite as much as it does with FeFromBig, because
FeToBig runtime is dominated by the reduction step. Still helps though.
---
 ed25519_test.go        | 10 ++++++++++
 internal/radix51/fe.go | 26 ++++++++++++++++++++------
 2 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/ed25519_test.go b/ed25519_test.go
index c979861..8d0dc0f 100644
--- a/ed25519_test.go
+++ b/ed25519_test.go
@@ -398,3 +398,13 @@ func BenchmarkFeFromBig(b *testing.B) {
 		field.FeFromBig(&fe, randFieldInt)
 	}
 }
+
+var feOnes field.FieldElement = [5]uint64{1, 1, 1, 1, 1}
+
+//func FeToBig(h *FieldElement) *big.Int {
+func BenchmarkFeToBig(b *testing.B) {
+	for i := 0; i < b.N; i++ {
+		_ = field.FeToBig(&feOnes)
+	}
+
+}
diff --git a/internal/radix51/fe.go b/internal/radix51/fe.go
index 1af0a28..d78922f 100644
--- a/internal/radix51/fe.go
+++ b/internal/radix51/fe.go
@@ -339,12 +339,26 @@ func FeFromBig(h *FieldElement, num *big.Int) {
 }
 
 func FeToBig(h *FieldElement) *big.Int {
-	var buf, reverse [32]byte
-	FeToBytes(&buf, h) // does inline reduction
-	for i := 0; i < 32; i++ {
-		reverse[i] = buf[31-i]
+	var buf [32]byte
+	FeToBytes(&buf, h) // does a reduction
+
+	numWords := 256 / bits.UintSize
+	words := make([]big.Word, numWords)
+
+	offset := 0
+	byteSize := uint(bits.UintSize >> 3)
+	for n := 0; n < numWords; n++ {
+		word := uint(0)
+		for i := uint(0); i < byteSize; i++ {
+			if offset >= len(buf) {
+				break
+			}
+			word |= uint(buf[offset]) << (i << 3)
+			offset++
+		}
+		words[n] = big.Word(word)
 	}
+
 	out := new(big.Int)
-	out.SetBytes(reverse[:])
-	return out
+	return out.SetBits(words)
 }