libmbedtls: make mbedtls_mpi_mont*() available
Makes mbedtls_mpi_montg_init(), mbedtls_mpi_montmul() and
mbedtls_mpi_montred() available for external use.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
diff --git a/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h b/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h
index 0d90999..619fe1c 100644
--- a/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h
+++ b/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h
@@ -943,6 +943,41 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
+
+/**
+ * \brief Montgomery initialization
+ *
+ * \param mm The -1/m mod N result
+ * \param N The modulus
+ */
+void mbedtls_mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N );
+
+/**
+ * \brief Montgomery multiplication: A = A * B * R^-1 mod N
+ * \A Parameter and result
+ * \B Parameter
+ * \N Modulus
+ * \mm Parameter from mbedtls_mpi_montg_init()
+ * \T Temporary variable, should be as twice as big as N + 2
+ * \return 0 if successful,
+ * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
+ */
+int mbedtls_mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B,
+ const mbedtls_mpi *N, mbedtls_mpi_uint mm,
+ const mbedtls_mpi *T );
+
+/**
+ * \brief Montgomery reduction: A = A * R^-1 mod N
+ * \A Parameter and result
+ * \N Modulus
+ * \mm Parameter from mbedtls_mpi_montg_init()
+ * \T Temporary variable, should be as twice as big as N + 2
+ * \return 0 if successful,
+ * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
+ */
+int mbedtls_mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N,
+ mbedtls_mpi_uint mm, const mbedtls_mpi *T );
+
/**
* \brief Checkup routine
*
diff --git a/lib/libmbedtls/mbedtls/library/bignum.c b/lib/libmbedtls/mbedtls/library/bignum.c
index 5b1181d..674026b 100644
--- a/lib/libmbedtls/mbedtls/library/bignum.c
+++ b/lib/libmbedtls/mbedtls/library/bignum.c
@@ -1653,7 +1653,7 @@
/*
* Fast Montgomery initialization (thanks to Tom St Denis)
*/
-static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N )
+void mbedtls_mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N )
{
mbedtls_mpi_uint x, m0 = N->p[0];
unsigned int i;
@@ -1670,7 +1670,8 @@
/*
* Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36)
*/
-static int mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi *N, mbedtls_mpi_uint mm,
+int mbedtls_mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B,
+ const mbedtls_mpi *N, mbedtls_mpi_uint mm,
const mbedtls_mpi *T )
{
size_t i, n, m;
@@ -1713,8 +1714,8 @@
/*
* Montgomery reduction: A = A * R^-1 mod N
*/
-static int mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N,
- mbedtls_mpi_uint mm, const mbedtls_mpi *T )
+int mbedtls_mpi_montred( mbedtls_mpi *A, const mbedtls_mpi *N,
+ mbedtls_mpi_uint mm, const mbedtls_mpi *T )
{
mbedtls_mpi_uint z = 1;
mbedtls_mpi U;
@@ -1722,7 +1723,7 @@
U.n = U.s = (int) z;
U.p = &z;
- return( mpi_montmul( A, &U, N, mm, T ) );
+ return( mbedtls_mpi_montmul( A, &U, N, mm, T ) );
}
/*
@@ -1754,7 +1755,7 @@
/*
* Init temps and window size
*/
- mpi_montg_init( &mm, N );
+ mbedtls_mpi_montg_init( &mm, N );
mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &T );
mbedtls_mpi_init( &Apos );
memset( W, 0, sizeof( W ) );
@@ -1806,13 +1807,13 @@
else
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) );
- MBEDTLS_MPI_CHK( mpi_montmul( &W[1], &RR, N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montmul( &W[1], &RR, N, mm, &T ) );
/*
* X = R^2 * R^-1 mod N = R mod N
*/
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( X, &RR ) );
- MBEDTLS_MPI_CHK( mpi_montred( X, N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montred( X, N, mm, &T ) );
if( wsize > 1 )
{
@@ -1825,7 +1826,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[j], &W[1] ) );
for( i = 0; i < wsize - 1; i++ )
- MBEDTLS_MPI_CHK( mpi_montmul( &W[j], &W[j], N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montmul( &W[j], &W[j], N, mm, &T ) );
/*
* W[i] = W[i - 1] * W[1]
@@ -1835,7 +1836,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[i], N->n + 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[i], &W[i - 1] ) );
- MBEDTLS_MPI_CHK( mpi_montmul( &W[i], &W[1], N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montmul( &W[i], &W[1], N, mm, &T ) );
}
}
@@ -1872,7 +1873,7 @@
/*
* out of window, square X
*/
- MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montmul( X, X, N, mm, &T ) );
continue;
}
@@ -1890,12 +1891,12 @@
* X = X^wsize R^-1 mod N
*/
for( i = 0; i < wsize; i++ )
- MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montmul( X, X, N, mm, &T ) );
/*
* X = X * W[wbits] R^-1 mod N
*/
- MBEDTLS_MPI_CHK( mpi_montmul( X, &W[wbits], N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montmul( X, &W[wbits], N, mm, &T ) );
state--;
nbits = 0;
@@ -1908,18 +1909,18 @@
*/
for( i = 0; i < nbits; i++ )
{
- MBEDTLS_MPI_CHK( mpi_montmul( X, X, N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montmul( X, X, N, mm, &T ) );
wbits <<= 1;
if( ( wbits & ( one << wsize ) ) != 0 )
- MBEDTLS_MPI_CHK( mpi_montmul( X, &W[1], N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montmul( X, &W[1], N, mm, &T ) );
}
/*
* X = A^E * R * R^-1 mod N = A^E mod N
*/
- MBEDTLS_MPI_CHK( mpi_montred( X, N, mm, &T ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_montred( X, N, mm, &T ) );
if( neg && E->n != 0 && ( E->p[0] & 1 ) != 0 )
{