commit 82976f3548592e44a1328c696008bbf3af7063ad
author Janos Follath <janos.follath@arm.com> Thu Aug 22 13:00:12 2024 +0100
committer Janos Follath <janos.follath@arm.com> Thu Aug 22 13:00:12 2024 +0100
tree d0dab673a9e1e82bd5a35a045988c093930f94f6
parent 6c2086931d558e92beffff58181626eaf709337c

Make mbedtls_mpi_exp_mod_unsafe internal

Signed-off-by: Janos Follath <janos.follath@arm.com>

include/mbedtls/bignum.h

diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index a945be3..8367cd3 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -882,39 +882,6 @@
 /**
  * \brief          Perform a modular exponentiation: X = A^E mod N
  *
- * \warning        This function is not constant time with respect to \p E (the exponent).
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- *                 This must not alias E or N.
- * \param A        The base of the exponentiation.
- *                 This must point to an initialized MPI.
- * \param E        The exponent MPI. This must point to an initialized MPI.
- * \param N        The base for the modular reduction. This must point to an
- *                 initialized MPI.
- * \param prec_RR  A helper MPI depending solely on \p N which can be used to
- *                 speed-up multiple modular exponentiations for the same value
- *                 of \p N. This may be \c NULL. If it is not \c NULL, it must
- *                 point to an initialized MPI. If it hasn't been used after
- *                 the call to mbedtls_mpi_init(), this function will compute
- *                 the helper value and store it in \p prec_RR for reuse on
- *                 subsequent calls to this function. Otherwise, the function
- *                 will assume that \p prec_RR holds the helper value set by a
- *                 previous call to mbedtls_mpi_exp_mod(), and reuse it.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \c N is negative or
- *                 even, or if \c E is negative.
- * \return         Another negative error code on different kinds of failures.
- *
- */
-int mbedtls_mpi_exp_mod_unsafe(mbedtls_mpi *X, const mbedtls_mpi *A,
-                               const mbedtls_mpi *E, const mbedtls_mpi *N,
-                               mbedtls_mpi *prec_RR);
-
-/**
- * \brief          Perform a modular exponentiation: X = A^E mod N
- *
  * \param X        The destination MPI. This must point to an initialized MPI.
  *                 This must not alias E or N.
  * \param A        The base of the exponentiation.

library/rsa.c

diff --git a/library/rsa.c b/library/rsa.c
index d0a2695..b6fea49 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1229,6 +1229,16 @@
 }
 
 /*
+ * This function is identical to mbedtls_mpi_exp_mod() the only difference is that this function is
+ * not constant time.
+ *
+ * WARNING! This function is not constant time.
+ */
+int mbedtls_mpi_exp_mod_unsafe(mbedtls_mpi *X, const mbedtls_mpi *A,
+                               const mbedtls_mpi *E, const mbedtls_mpi *N,
+                               mbedtls_mpi *prec_RR);
+
+/*
  * Do an RSA public key operation
  */
 int mbedtls_rsa_public(mbedtls_rsa_context *ctx,