WIP

src/shake.erl

@@ -58,17 +58,17 @@ p() -> 16#7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFED.
 
 ed25519_pk_to_x25519(<<ED25519_PK:32/binary>>) ->
     <<CompressedInt:256/little-integer>> = ED25519_PK,
-    %% Clear the sign bit (MSB) to get the raw y-coordinate
+    % Clear the sign bit (MSB) to get the raw y-coordinate
     Y = CompressedInt band ((1 bsl 255) - 1),
     
-    %% Compute u = (1 + y) / (1 - y) mod P
+    % Compute u = (1 + y) / (1 - y) mod P
     Num = (1 + Y) rem p(),
     Den = (1 - Y + p()) rem p(),
-    
     case Den =:= 0 of
         true -> 
             % If y == 1, the point maps to the point at infinity.
             % On X25519, this translates to u = 0.
+            % TODO: Ask Peter whether this case should actually fail...?
             <<0:256/little-integer>>;
         false ->
             U = (Num * mod_inv(Den, p())) rem p(),