Add comments clarifying when subtractions without squeeze are valid

2025-03-04 09:03:31 +01:00 · 2015-10-03 13:35:59 +02:00 · 2015-10-03 13:35:59 +02:00 · 16636d4f90
commit 16636d4f90
parent 962888f03f
1 changed files with 2 additions and 0 deletions
--- a/src/ec25519.c
+++ b/src/ec25519.c
@ -473,6 +473,7 @@ int ecc_25519_load_packed(ecc_25519_work_t *out, const ecc_int256_t *in) {
 	if (!square_root(Y, Y2))
 		return 0;
 	/* No squeeze is necessary for subtractions from zero */
 	sub(Yt, zero, Y);
 	select(out->Y, Y, Yt, (in->p[31] >> 7) ^ (Y[0] & 1));
@ -506,6 +507,7 @@ void ecc_25519_negate(ecc_25519_work_t *out, const ecc_25519_work_t *in) {
 		out->Z[i] = in->Z[i];
 	}
 	/* No squeeze is necessary for subtractions from zero */
 	sub(out->X, zero, in->X);
 	sub(out->T, zero, in->T);
 }