From 16636d4f907e151ad399c3825a5319ea4d009404 Mon Sep 17 00:00:00 2001
From: Matthias Schiffer <mschiffer@universe-factory.net>
Date: Sat, 3 Oct 2015 13:35:59 +0200
Subject: Add comments clarifying when subtractions without squeeze are valid

---
 src/ec25519.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src')

diff --git a/src/ec25519.c b/src/ec25519.c
index d673aee..b581057 100644
--- a/src/ec25519.c
+++ b/src/ec25519.c
@@ -473,6 +473,7 @@ int ecc_25519_load_packed(ecc_25519_work_t *out, const ecc_int256_t *in) {
 	if (!square_root(Y, Y2))
 		return 0;
 
+	/* No squeeze is necessary for subtractions from zero */
 	sub(Yt, zero, Y);
 
 	select(out->Y, Y, Yt, (in->p[31] >> 7) ^ (Y[0] & 1));
@@ -506,6 +507,7 @@ void ecc_25519_negate(ecc_25519_work_t *out, const ecc_25519_work_t *in) {
 		out->Z[i] = in->Z[i];
 	}
 
+	/* No squeeze is necessary for subtractions from zero */
 	sub(out->X, zero, in->X);
 	sub(out->T, zero, in->T);
 }
-- 
cgit v1.2.3