by a BSD-style // license that can be found in the LICENSE file. package nistec import ( "crypto/internal/fips140/nistec/fiat" "sync" ) var p224GG *[96]fiat.P224Element var p224GGOnce sync.Once // p224SqrtCandidate sets r to a square root candidate for x. r and x must not overlap. func p224SqrtCandidate(r, x *fiat.P224Element) { // Since p = 1 mod 4, we can't use the exponentiation by (p + 1) / 4 like // for the other primes. Instead, implement a variation of Tonelli–Shanks. // The constant-time implementation...