From e842e58f61da961b57b9a462c6d094d20f122a7b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 15 Apr 2021 11:45:19 +0200
Subject: [PATCH] Correct some comments about ECC in mbedtls_mpi_random

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 library/bignum.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/library/bignum.c b/library/bignum.c
index ac9bda81e..5f5728d67 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -2460,7 +2460,6 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
                         int (*f_rng)(void *, unsigned char *, size_t),
                         void *p_rng )
 {
-    /* SEC1 3.2.1: Generate X such that 1 <= n < N */
     int ret = MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
     int count;
     unsigned cmp = 0;
@@ -2478,9 +2477,9 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
      * be < N), so after 30 tries failure probability is a most 2**(-30).
      *
      * When N is just below a power of 2, as is the case when generating
-     * a random point on most elliptic curves, 1 try is enough with
+     * a random scalar on most elliptic curves, 1 try is enough with
      * overwhelming probability. When N is just above a power of 2,
-     * as when generating a random point on secp224k1, each try has
+     * as when generating a random scalar on secp224k1, each try has
      * a probability of failing that is almost 1/2.
      *
      * The probabilities are almost the same if min is nonzero but negligible