commit 630148e67f0cd3d337308321f72f444ca4ef1c35
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Wed Aug 13 13:57:35 2025 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Aug 14 09:40:05 2025 +0200
tree dd0e5f2193260738823b8d79dcc2bed85f312bfc
parent 7dcfd7373170ef718863c0c61cda4ff3e5e25299

RSA: use constant-time modinv in deduce_crt()

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

library/bignum_internal.h

diff --git a/library/bignum_internal.h b/library/bignum_internal.h
index f3f6fcb..a947497 100644
--- a/library/bignum_internal.h
+++ b/library/bignum_internal.h
@@ -80,4 +80,22 @@
                                const mbedtls_mpi *A,
                                const mbedtls_mpi *N);
 
+/**
+ * \brief          Modular inverse: X = A^-1 mod N with N odd
+ *
+ * \param[out] X   The inverse of \p A modulo \p N on success,
+ *                 indeterminate otherwise.
+ * \param[in] A    The number to invert.
+ * \param[in] N    The modulus. Must be odd and greater than 1.
+ *
+ * \return         \c 0 if successful.
+ * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
+ * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if preconditions were not
+ *                 met.
+ * \return         #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if A is not invertible mod N.
+ */
+int mbedtls_mpi_inv_mod_odd(mbedtls_mpi *X,
+                            const mbedtls_mpi *A,
+                            const mbedtls_mpi *N);
+
 #endif /* bignum_internal.h */