Comment fixes.

ecc-add-ehh.c

@@ -72,9 +72,9 @@ ecc_add_ehh (const struct ecc_curve *ecc,
      E = b*C*D		2 mul		A, B, C, D, E
      F = B - E				A, B, C, D, E, F
      G = B + E     			A, C, D, F, G
-     x3 = a*f*[(x1+y1)(x2+y2) - c - d] 3 mul	A, C, D, G
-     y3 = a*g*(d-c)	2 mul		F, G
-     z3 = f*g		mul
+     x3 = A*F*[(x1+y1)(x2+y2) - C - D] 3 mul	A, C, D, G
+     y3 = A*G*(D-C)	2 mul		F, G
+     z3 = F*G		mul
   */
 #define A scratch
 #define B (scratch + ecc->size)

ecc-eh-to-a.c

@@ -74,7 +74,10 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
 
   ecc_modp_sub (ecc, izp, wp, vp);
   /* FIXME: For the infinity point, this subtraction gives zero (mod
-     p), and the inversion below fails and returns something else. */
+     p), which isn't invertible. For curve25519, the desired output is
+     x = 0, which we get if the modular inversion function returns 0
+     in this case. Need to check that modular inversion really returns
+     0. */
   ecc_modp_mul (ecc, izp + ecc->size, izp, up);
   /* Needs 3*size scratch */
   ecc_modp_inv (ecc, izp, izp + ecc->size, izp + 2*ecc->size);