X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=inc%2Fbearssl_ec.h;fp=inc%2Fbearssl_ec.h;h=1ecb4cdcffe54b9347cc9f3454e0773c63e8c31e;hp=2c84bad1fd82b561f15d04208644dcced90b8e82;hb=693d2a0085f4c1d289cb6d79c02ddd23f18d9478;hpb=2f9c953af45299f8546df8984d5262e767a7d943

diff --git a/inc/bearssl_ec.h b/inc/bearssl_ec.h
index 2c84bad..1ecb4cd 100644
--- a/inc/bearssl_ec.h
+++ b/inc/bearssl_ec.h
@@ -410,12 +410,12 @@ extern const br_ec_impl br_ec_prime_i31;
 extern const br_ec_impl br_ec_prime_i15;
 
 /**
- * \brief EC implementation "i15" for P-256.
+ * \brief EC implementation "m15" for P-256.
  *
  * This implementation uses specialised code for curve secp256r1 (also
- * known as NIST P-256), with Karatsuba decomposition, and fast modular
- * reduction thanks to the field modulus special format. Only 32-bit
- * multiplications are used (with 32-bit results, not 64-bit).
+ * known as NIST P-256), with optional Karatsuba decomposition, and fast
+ * modular reduction thanks to the field modulus special format. Only
+ * 32-bit multiplications are used (with 32-bit results, not 64-bit).
  */
 extern const br_ec_impl br_ec_p256_m15;
 
@@ -428,6 +428,14 @@ extern const br_ec_impl br_ec_p256_m15;
  */
 extern const br_ec_impl br_ec_c25519_i15;
 
+/**
+ * \brief EC implementation "m15" (specialised code) for Curve25519.
+ *
+ * This implementation uses custom code relying on multiplication of
+ * integers up to 15 bits. The `muladd()` method is not implemented.
+ */
+extern const br_ec_impl br_ec_c25519_m15;
+
 /**
  * \brief Convert a signature from "raw" to "asn1".
  *