34 		tmp->prime = crypto_ec_get_prime(tmp->ec);  in sae_set_group()
49 		tmp->prime_buf = crypto_bignum_init_set(tmp->dh->prime,  in sae_set_group()
55 		tmp->prime = tmp->prime_buf;  in sae_set_group()
173 get_rand_1_to_p_1(const u8 *prime, size_t prime_len, size_t prime_bits,  in get_rand_1_to_p_1()  argument
184 		if (os_memcmp(tmp, prime, prime_len) >= 0)  in get_rand_1_to_p_1()
203 				      const u8 *prime, size_t bits,  in is_quadratic_residue_blind()  argument
220 	r = get_rand_1_to_p_1(prime, sae->tmp->prime_len, bits, &r_odd);  in is_quadratic_residue_blind()
226 	    crypto_bignum_mulmod(y_sqr, r, sae->tmp->prime, num) < 0 ||  in is_quadratic_residue_blind()
227 	    crypto_bignum_mulmod(num, r, sae->tmp->prime, num) < 0)  in is_quadratic_residue_blind()
235 		if (crypto_bignum_mulmod(num, qr, sae->tmp->prime, num) < 0)  in is_quadratic_residue_blind()
243 		if (crypto_bignum_mulmod(num, qnr, sae->tmp->prime, num) < 0)  in is_quadratic_residue_blind()
248 	res = crypto_bignum_legendre(num, sae->tmp->prime);  in is_quadratic_residue_blind()
262 				 const u8 *prime,  in sae_test_pwd_seed_ecc()  argument
279 			prime, sae->tmp->prime_len, pwd_value, bits);  in sae_test_pwd_seed_ecc()
285 	if (os_memcmp(pwd_value, prime, sae->tmp->prime_len) >= 0)  in sae_test_pwd_seed_ecc()
297 	res = is_quadratic_residue_blind(sae, prime, bits, qr, qnr, y_sqr);  in sae_test_pwd_seed_ecc()
322 			sae->tmp->dh->prime, sae->tmp->prime_len, pwd_value,  in sae_test_pwd_seed_ffc()
329 	if (os_memcmp(pwd_value, sae->tmp->dh->prime, sae->tmp->prime_len) >= 0)  in sae_test_pwd_seed_ffc()
351 		    crypto_bignum_sub(sae->tmp->prime, b, b) < 0 ||  in sae_test_pwd_seed_ffc()
361 		res = crypto_bignum_exptmod(a, b, sae->tmp->prime, pwe);  in sae_test_pwd_seed_ffc()
382 static int get_random_qr_qnr(const u8 *prime, size_t prime_len,  in get_random_qr_qnr()  argument
399 		if (os_memcmp(tmp, prime, prime_len) >= 0)  in get_random_qr_qnr()
429 	u8 prime[SAE_MAX_ECC_PRIME_LEN];  in sae_derive_pwe_ecc()  local
442 	if (crypto_bignum_to_bin(sae->tmp->prime, prime, sizeof(prime),  in sae_derive_pwe_ecc()
451 	if (get_random_qr_qnr(prime, prime_len, sae->tmp->prime, bits,  in sae_derive_pwe_ecc()
492 					    prime, qr, qnr, &x_cand);  in sae_derive_pwe_ecc()
636 	if (crypto_bignum_exptmod(sae->tmp->pwe_ffc, mask, sae->tmp->prime,  in sae_derive_commit_element_ffc()
639 				  sae->tmp->prime,  in sae_derive_commit_element_ffc()
765 				  sae->tmp->prime, K) < 0 ||  in sae_derive_k_ffc()
767 				 sae->tmp->prime, K) < 0 ||  in sae_derive_k_ffc()
768 	    crypto_bignum_exptmod(K, sae->tmp->sae_rand, sae->tmp->prime, K) < 0  in sae_derive_k_ffc()
995 	u8 prime[SAE_MAX_ECC_PRIME_LEN];  in sae_parse_commit_element_ecc()  local
1003 	if (crypto_bignum_to_bin(sae->tmp->prime, prime, sizeof(prime),  in sae_parse_commit_element_ecc()
1008 	if (os_memcmp(pos, prime, sae->tmp->prime_len) >= 0 ||  in sae_parse_commit_element_ecc()
1009 	    os_memcmp(pos + sae->tmp->prime_len, prime,  in sae_parse_commit_element_ecc()
1060 	    crypto_bignum_sub(sae->tmp->prime, one, res) ||  in sae_parse_commit_element_ffc()
1073 				  sae->tmp->order, sae->tmp->prime, res) < 0 ||  in sae_parse_commit_element_ffc()