From: Niels Möller
Date: Sat, 23 Aug 2014 19:45:38 +0000 (+0200)
Subject: Updated FIXME comments.
X-Git-Tag: nettle_3.1rc1~155^2~17
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0118df62343aa4744b0ae37867f7eb56adb782fc;p=thirdparty%2Fnettle.git
Updated FIXME comments.
---
diff --git a/ecc-eh-to-a.c b/ecc-eh-to-a.c
index aaeaf09d..fd953bf3 100644
--- a/ecc-eh-to-a.c
+++ b/ecc-eh-to-a.c
@@ -72,12 +72,11 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
mp_limb_t cy;
- ecc_modp_sub (ecc, izp, wp, vp);
- /* FIXME: For the infinity point, this subtraction gives zero (mod
+ /* NOTE: For the infinity point, this subtraction gives zero (mod
p), which isn't invertible. For curve25519, the desired output is
- x = 0, which we get if the modular inversion function returns 0
- in this case. Need to check that modular inversion really returns
- 0. */
+ x = 0, and we should be fine, since ecc_modp_inv returns 0
+ in this case. */
+ ecc_modp_sub (ecc, izp, wp, vp);
ecc_modp_mul (ecc, izp + ecc->size, izp, up); /* Needs 3*size scratch */
ecc_modp_inv (ecc, izp, izp + ecc->size, izp + 2*ecc->size);
@@ -93,7 +92,9 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
/* Skip y coordinate */ return;
- ecc_modp_add (ecc, sp, wp, vp); /* FIXME: Redundant */
+ ecc_modp_add (ecc, sp, wp, vp); /* FIXME: Redundant. Also the (W +
+ V) Z^-1 multiplication is
+ redundant. */
ecc_modp_mul (ecc, tp, sp, wp);
mpn_copyi (sp, tp, ecc->size); /* FIXME: Eliminate copy */
ecc_modp_mul (ecc, tp, sp, ecc->edwards_root);
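Review bot: The new NOTE in the first hunk turns an open question into an assertion, `since ecc_modp_inv returns 0 in this case`, while the commit itself only moves the `ecc_modp_sub (ecc, izp, wp, vp);` call and rewrites the comment; the contract of ecc_modp_inv on a zero input is not visible here and nothing in the hunk exercises it. What the inverse of zero comes back as decides the x this function emits for the neutral point (W - V == 0 mod p), and a caller that depends on an all-zero x to recognise that degenerate input has no other signal, so I would pin the claim with a test that converts the neutral element and checks x == 0, and point the comment at the contract instead of `we should be fine`: `/* NOTE: For the infinity point, W - V == 0 (mod p), which has no inverse. We rely on ecc_modp_inv returning 0 for a zero input (see its definition), which yields x = 0, the output required for curve25519. */`. ecc_eh_to_a starts before this hunk, and the `ecc_modp_inv` call on the hunk's last line is where that dependence actually lives.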
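Review bot: The extended FIXME in the second hunk refers to a `(W + V) Z^-1 multiplication` that does not appear in the lines shown — the visible code computes `sp = wp + vp`, then `tp = sp * wp`, copies `tp` back into `sp`, and multiplies by `ecc->edwards_root` — so the product it calls redundant presumably sits elsewhere in ecc_eh_to_a, and a reader cannot find it from the comment. Naming the variable that holds Z^-1 and the ecc_modp_mul line that performs the product would make the FIXME actionable rather than a reminder only its author can act on. Both FIXMEs in this hunk, the redundant add and the `mpn_copyi` copy, remain unresolved, which is acceptable for a comment-only commit but worth a follow-up. The function continues on both sides of this hunk.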