From 17165610e482fb3ec9327dcf231bb83787a77fc1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Fri, 11 Jul 2014 22:56:24 +0200
Subject: [PATCH] Comment on Shanks-Tonelli reference.

---
 ecc-25519.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ecc-25519.c b/ecc-25519.c
index 25eeed99..51414a30 100644
--- a/ecc-25519.c
+++ b/ecc-25519.c
@@ -60,6 +60,10 @@ ecc_25519_modp(const struct ecc_curve *ecc UNUSED, mp_limb_t *rp)
     + sec_add_1 (rp, rp, ECC_LIMB_SIZE - 1, 19 * cy);
 }
 
+/* We'll also need square roots, see
+   http://www.math.vt.edu/people/brown/doc/sqrts.pdf for a description
+   of Shanks-Tonelli. The needed quadratic non-residue is 3. */
+
 const struct ecc_curve nettle_curve25519 =
 {
   255,
-- 
GitLab