Lines Matching +full:- +full:n
2 * Low-level modular bignum functions
4 * This interface should only be used by the higher-level modular bignum
6 * modules should use the high-level modular bignum interface (bignum_mod.h)
9 * This is a low-level interface to operations on integers modulo which
11 * the wrong size. The functions in bignum_mod.h provide a higher-level
17 * - **Modulus parameters**: the modulus is passed as a pointer to a structure
21 * named \c N and is usually input-only.
22 * - **Bignum parameters**: Bignums are passed as pointers to an array of
24 * - Bignum parameters called \c A, \c B, ... are inputs, and are not
26 * - Bignum parameters called \c X, \c Y are outputs or input-output.
27 * The initial content of output-only parameters is ignored.
28 * - \c T is a temporary storage area. The initial content of such a
30 * - **Bignum sizes**: bignum sizes are usually expressed by the \c limbs
35 * - **Bignum representation**: the representation of inputs and outputs is
38 * - **Parameter ordering**: for bignum parameters, outputs come before inputs.
41 * - **Aliasing**: in general, output bignums may be aliased to one or more
45 * - **Overlap**: apart from aliasing of limb array pointers (where two
48 * - **Error handling**: This is a low-level module. Functions generally do not
54 * - **Modular representatives**: all functions expect inputs to be in the
55 * range [0, \c N - 1] and guarantee outputs in the range [0, \c N - 1]. If
63 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
81 * The size to copy is determined by \p N.
87 * \param[in] N The address of the modulus related to \p X and \p A.
102 const mbedtls_mpi_mod_modulus *N,
109 * The size to swap is determined by \p N.
113 * \param[in] N The address of the modulus related to \p X and \p Y.
128 const mbedtls_mpi_mod_modulus *N,
136 * \param[out] X The address of the MPI. The size is determined by \p N.
138 * the modulus \p N.)
139 * \param[in] N The address of the modulus related to \p X.
148 * of \p N is invalid or \p X is not less than \p N.
151 const mbedtls_mpi_mod_modulus *N,
158 * \param[in] A The address of the MPI. The size is determined by \p N.
160 * the modulus \p N.)
161 * \param[in] N The address of the modulus related to \p A.
170 * of \p N is invalid.
173 const mbedtls_mpi_mod_modulus *N,
181 * The size of the operation is determined by \p N. \p A and \p B must have
182 * the same number of limbs as \p N.
192 * \param[in] N The address of the modulus. Used to perform a modulo
198 const mbedtls_mpi_mod_modulus *N);
203 * \note Currently handles the case when `N->int_rep` is
206 * The size of the operation is determined by \p N. \p A, \p B and \p X must
207 * all be associated with the modulus \p N and must all have the same number
208 * of limbs as \p N.
211 * either otherwise. They may not alias \p N (since they must be in canonical
212 * form, they cannot == \p N).
215 * number of limbs as \p N.
217 * the multiplication `A * B * R^-1` mod N where
218 * `R = 2^(biL * N->limbs)`.
221 * \param[in] N The address of the modulus. Used to perform a modulo
223 * \param[in,out] T Temporary storage of size at least 2 * N->limbs + 1
232 const mbedtls_mpi_mod_modulus *N,
243 * \param AN_limbs The number of limbs in the input `A` and the modulus `N`
253 * \brief Perform fixed-width modular inversion of a Montgomery-form MPI with
254 * respect to a modulus \p N that must be prime.
256 * \p X may be aliased to \p A, but not to \p N or \p RR.
258 * \param[out] X The modular inverse of \p A with respect to \p N.
262 * \param[in] N The modulus, as a little-endian array of length \p AN_limbs.
264 * \param AN_limbs The number of limbs in \p A, \p N and \p RR.
265 * \param[in] RR The precomputed residue of 2^{2*biL} modulo N, as a little-
279 const mbedtls_mpi_uint *N,
285 * \brief Perform a known-size modular addition.
287 * Calculate `A + B modulo N`.
290 * modulus \p N.
296 * \param[in] A Little-endian presentation of the left operand. This
297 * must be smaller than \p N.
298 * \param[in] B Little-endian presentation of the right operand. This
299 * must be smaller than \p N.
300 * \param[in] N The address of the modulus.
305 const mbedtls_mpi_mod_modulus *N);
307 /** Convert an MPI from canonical representation (little-endian limb array)
311 * It must have as many limbs as \p N.
315 * \param[in] N The modulus structure.
322 const mbedtls_mpi_mod_modulus *N);
325 * to canonical representation (little-endian limb array).
328 * It must have as many limbs as \p N.
332 * \param[in] N The modulus structure.
339 const mbedtls_mpi_mod_modulus *N);
344 * \p N exclusive.
350 * \note There are `N - min` possible outputs. The lower bound
351 * \p min can be reached, but the upper bound \p N cannot.
353 * \param X The destination MPI, in canonical representation modulo \p N.
354 * It must not be aliased with \p N or otherwise overlap it.
356 * than \b N.
357 * \param N The modulus.
365 * of attempts. This has a negligible probability if \p N
371 const mbedtls_mpi_mod_modulus *N,
378 * Must have the same number of limbs as \p N.
379 * \param N The address of the modulus, which gives the size of
380 * the base `R` = 2^(biL*N->limbs).
385 const mbedtls_mpi_mod_modulus *N);
390 * Must have the same number of limbs as \p N.
391 * \param N The address of the modulus, which gives the size of
392 * the base `R`= 2^(biL*N->limbs).
397 const mbedtls_mpi_mod_modulus *N);
401 * The size of the operation is determined by \p N. \p A must have
402 * the same number of limbs as \p N.
408 * \param[in] A Little-endian presentation of the input operand. This
409 * must be less than or equal to \p N.
410 * \param[in] N The modulus to use.
414 const mbedtls_mpi_mod_modulus *N);