Apply bugfix to Edwards25519.pointsMulVarTime

cbits/ed25519/ed25519-donna-impl-base.h

@@ -287,7 +287,13 @@ ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bignum256
 			ge25519_nielsadd2_p1p1(&t, r, &ge25519_niels_sliding_multiples[abs(slide2[i]) / 2], (unsigned char)slide2[i] >> 7);
 		}
 
-		ge25519_p1p1_to_partial(r, &t);
+		// diverges from the original source code and resolves bug explained
+		// in <https://github.com/floodyberry/ed25519-donna/issues/31>
+		if (i == 0) {
+			ge25519_p1p1_to_full(r, &t);
+		} else {
+			ge25519_p1p1_to_partial(r, &t);
+		}
 	}
 }