Comment fixes.

346cfb55 · Niels Möller · 88a8a9e0 · 346cfb55 · 346cfb55
Commit 346cfb55 authored 11 years ago by Niels Möller
--- a/ecc-add-ehh.c
+++ b/ecc-add-ehh.c
@@ -72,9 +72,9 @@ ecc_add_ehh (const struct ecc_curve *ecc,
     E = b*C*D		2 mul		A, B, C, D, E
     F = B - E				A, B, C, D, E, F
     G = B + E     			A, C, D, F, G
-     x3 = a*f*[(x1+y1)(x2+y2) - c - d] 3 mul	A, C, D, G
+     x3 = A*F*[(x1+y1)(x2+y2) - C - D] 3 mul	A, C, D, G
-     y3 = a*g*(d-c)	2 mul		F, G
+     y3 = A*G*(D-C)	2 mul		F, G
-     z3 = f*g		mul
+     z3 = F*G		mul
  */
 #define A scratch
 #define B (scratch + ecc->size)

--- a/ecc-eh-to-a.c
+++ b/ecc-eh-to-a.c
@@ -74,7 +74,10 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
  ecc_modp_sub (ecc, izp, wp, vp);
  /* FIXME: For the infinity point, this subtraction gives zero (mod
-     p), and the inversion below fails and returns something else. */
+     p), which isn't invertible. For curve25519, the desired output is
+     x = 0, which we get if the modular inversion function returns 0
+     in this case. Need to check that modular inversion really returns
+     0. */
  ecc_modp_mul (ecc, izp + ecc->size, izp, up);
  /* Needs 3*size scratch */
  ecc_modp_inv (ecc, izp, izp + ecc->size, izp + 2*ecc->size);