Have mbedtls_mpi_montg_init() take the modulus, rather than just its least significant limb
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
This commit is contained in:
parent
958fd3dc0c
commit
f0ffb1585a
4 changed files with 11 additions and 11 deletions
|
@ -1550,7 +1550,7 @@ int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_
|
|||
*/
|
||||
static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N )
|
||||
{
|
||||
*mm = mbedtls_mpi_montg_init( N->p[0] );
|
||||
*mm = mbedtls_mpi_montg_init( N->p );
|
||||
}
|
||||
|
||||
/** Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36)
|
||||
|
|
|
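Review bot: The wrapper now passes `N->p` straight through on the `*mm = mbedtls_mpi_montg_init( N->p );` line without checking the callee's documented preconditions (at least one limb, and an odd least-significant limb for the inverse to exist), and `N->p` can be NULL for a zero-limb `mbedtls_mpi`. The old `N->p[0]` relied on the same guarantees, so this is not a regression, but the contract is worth recording on the static wrapper: `/* N must be odd and have at least one limb (N->n >= 1); the exported callers validate this before reaching here. */`. Whether every caller performs that validation is not visible in this hunk.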
@ -348,14 +348,14 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
|
|||
/*
|
||||
* Fast Montgomery initialization (thanks to Tom St Denis).
|
||||
*/
|
||||
mbedtls_mpi_uint mbedtls_mpi_montg_init( mbedtls_mpi_uint m0 )
|
||||
mbedtls_mpi_uint mbedtls_mpi_montg_init( const mbedtls_mpi_uint *N )
|
||||
{
|
||||
mbedtls_mpi_uint x = m0;
|
||||
mbedtls_mpi_uint x = N[0];
|
||||
|
||||
x += ( ( m0 + 2 ) & 4 ) << 1;
|
||||
x += ( ( N[0] + 2 ) & 4 ) << 1;
|
||||
|
||||
for( unsigned int i = biL; i >= 8; i /= 2 )
|
||||
x *= ( 2 - ( m0 * x ) );
|
||||
x *= ( 2 - ( N[0] * x ) );
|
||||
|
||||
return( ~x + 1 );
|
||||
}
|
||||
|
|
|
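Review bot: The new body re-reads `N[0]` through the pointer three times (the initialiser, the `( N[0] + 2 ) & 4` correction and the loop step); loading it once keeps the arithmetic byte-identical to the previous version and turns the diff into a pure rename: `const mbedtls_mpi_uint m0 = N[0];` followed by the unchanged `mbedtls_mpi_uint x = m0;` and the original `m0`-based expressions. The block comment above the function also says nothing about the odd-modulus requirement, although the loop is a Newton iteration for `-N[0]^-1 mod 2^biL`, which only exists when `N[0]` is odd; a one-line `* N[0] must be odd (the inverse computed below does not exist otherwise).` in that comment would preserve what the removed `\param m0` documentation used to state.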
@ -186,12 +186,12 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
|
|||
* \brief Calculate initialisation value for fast Montgomery modular
|
||||
* multiplication
|
||||
*
|
||||
* \param m0 The least-significant mbedtls_mpi_uint from the modulus, which
|
||||
* must be odd
|
||||
* \param[in] N Little-endian presentation of the modulus. This must have
|
||||
* at least one limb.
|
||||
*
|
||||
* \return The initialisation value for fast Montgomery modular multiplication
|
||||
* \return The initialisation value for fast Montgomery modular multiplication
|
||||
*/
|
||||
mbedtls_mpi_uint mbedtls_mpi_montg_init( mbedtls_mpi_uint m0 );
|
||||
mbedtls_mpi_uint mbedtls_mpi_montg_init( const mbedtls_mpi_uint *N );
|
||||
|
||||
/**
|
||||
* \brief Perform a known-size multiply accumulate operation: d += b * s
|
||||
|
|
|
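Review bot: The rewritten `\param[in] N` text drops the `must be odd` requirement that the removed `\param m0` line carried, so the header no longer states the one precondition the algorithm depends on; `presentation` also looks like a typo for `representation`. Suggested wording: `\param[in] N Little-endian representation of the modulus. This must have at least one limb, and its least significant limb must be odd.`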
@ -2015,7 +2015,7 @@ void mbedtls_mpi_montg_init( char * input_N, char * input_mm )
|
|||
TEST_EQUAL( mm.s, 1 );
|
||||
|
||||
/* mbedtls_mpi_montg_init() only returns a result, no error possible */
|
||||
mbedtls_mpi_uint result = mbedtls_mpi_montg_init( N.p[0] );
|
||||
mbedtls_mpi_uint result = mbedtls_mpi_montg_init( N.p );
|
||||
|
||||
/* Check we got the correct result */
|
||||
TEST_EQUAL( result, mm.p[0] );
|
||||
|
@ -2074,7 +2074,7 @@ void mbedtls_mpi_core_montmul( int limbs_AN4, int limbs_B4,
|
|||
TEST_EQUAL( mbedtls_mpi_grow( &T, limbs_AN * 2 + 1 ), 0 );
|
||||
|
||||
/* Calculate the Montgomery constant (this is unit tested separately) */
|
||||
mbedtls_mpi_uint mm = mbedtls_mpi_montg_init( N.p[0] );
|
||||
mbedtls_mpi_uint mm = mbedtls_mpi_montg_init( N.p );
|
||||
|
||||
TEST_EQUAL( mbedtls_mpi_grow( &R, limbs_AN ), 0 ); /* ensure it's got the right number of limbs */
|
||||
|
||||
|
|