1 /**
2  *  Low level bignum functions
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6  */
7 
8 #ifndef MBEDTLS_BIGNUM_INTERNAL_H
9 #define MBEDTLS_BIGNUM_INTERNAL_H
10 
11 #include "mbedtls/bignum.h"
12 
13 /**
14  * \brief Calculate the square of the Montgomery constant. (Needed
15  *        for conversion and operations in Montgomery form.)
16  *
17  * \param[out] X  A pointer to the result of the calculation of
18  *                the square of the Montgomery constant:
19  *                2^{2*n*biL} mod N.
20  * \param[in]  N  Little-endian presentation of the modulus, which must be odd.
21  *
22  * \return        0 if successful.
23  * \return        #MBEDTLS_ERR_MPI_ALLOC_FAILED if there is not enough space
24  *                to store the value of Montgomery constant squared.
25  * \return        #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero.
26  * \return        #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative.
27  */
28 int mbedtls_mpi_get_mont_r2_unsafe(mbedtls_mpi *X,
29                                    const mbedtls_mpi *N);
30 
31 /**
32  * \brief Calculate initialisation value for fast Montgomery modular
33  *        multiplication
34  *
35  * \param[in] N  Little-endian presentation of the modulus. This must have
36  *               at least one limb.
37  *
38  * \return       The initialisation value for fast Montgomery modular multiplication
39  */
40 mbedtls_mpi_uint mbedtls_mpi_montmul_init(const mbedtls_mpi_uint *N);
41 
42 /** Montgomery multiplication: A = A * B * R^-1 mod N  (HAC 14.36)
43  *
44  * \param[in,out]   A   One of the numbers to multiply.
45  *                      It must have at least as many limbs as N
46  *                      (A->n >= N->n), and any limbs beyond N->n are ignored.
47  *                      On successful completion, A contains the result of
48  *                      the multiplication A * B * R^-1 mod N where
49  *                      R = (2^biL)^n and n = N->n.
50  * \param[in]       B   One of the numbers to multiply.
51  *                      It must be nonzero and must not have more limbs than N
52  *                      (B->n <= N->n).
53  * \param[in]       N   The modulo. N must be odd.
54  * \param           mm  The value calculated by
55  *                      `mbedtls_mpi_montmul_init()` (declared above)
56  *                      from the limbs of N. This is -N^-1 mod 2^biL.
57  * \param[in,out]   T   A bignum for temporary storage. It must have at
58  *                      least 2 * (N->n + 1) limbs (T->n >= 2 * (N->n + 1)).
59  *                      Its initial content is unused and its final content
60  *                      is indeterminate. Unlike the library's usual convention
61  *                      for `const mbedtls_mpi*`, the content of T can change.
62  * \note                The return type is void: a violated limb-count requirement
63  *                      on A, B or T is not reported, so callers must check them.
64  */
65 void mbedtls_mpi_montmul(mbedtls_mpi *A,
66                          const mbedtls_mpi *B,
67                          const mbedtls_mpi *N,
68                          mbedtls_mpi_uint mm,
69                          const mbedtls_mpi *T);
70 
71 #endif /* MBEDTLS_BIGNUM_INTERNAL_H */
72