Updated FIXME comments.

diff --git a/ecc-eh-to-a.c b/ecc-eh-to-a.c
index aaeaf09df0e77b1c4a178130cc5b9dead16af482..fd953bf34d16fdc21aa4266adbb4f9ab74dc0869 100644 (file)
--- a/ecc-eh-to-a.c
+++ b/ecc-eh-to-a.c
@@ -72,12 +72,11 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
 
   mp_limb_t cy;
 
-  ecc_modp_sub (ecc, izp, wp, vp);
-  /* FIXME: For the infinity point, this subtraction gives zero (mod
+  /* NOTE: For the infinity point, this subtraction gives zero (mod
      p), which isn't invertible. For curve25519, the desired output is
-     x = 0, which we get if the modular inversion function returns 0
-     in this case. Need to check that modular inversion really returns
-     0. */
+     x = 0, and we should be fine, since ecc_modp_inv returns 0
+     in this case. */
+  ecc_modp_sub (ecc, izp, wp, vp);
   ecc_modp_mul (ecc, izp + ecc->size, izp, up);
   /* Needs 3*size scratch */
   ecc_modp_inv (ecc, izp, izp + ecc->size, izp + 2*ecc->size);
@@ -93,7 +92,9 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
     /* Skip y coordinate */
     return;
   
-  ecc_modp_add (ecc, sp, wp, vp); /* FIXME: Redundant */
+  ecc_modp_add (ecc, sp, wp, vp); /* FIXME: Redundant. Also the (W +
+                                    V) Z^-1 multiplication is
+                                    redundant. */
   ecc_modp_mul (ecc, tp, sp, wp);
   mpn_copyi (sp, tp, ecc->size); /* FIXME: Eliminate copy */
   ecc_modp_mul (ecc, tp, sp, ecc->edwards_root);