Merge pull request #6457 from minosgalanakis/minos/6017_update_modulus_lifecycle

Bignum: Updated the modulus lifecyle
2025-07-29 11:41:15 +03:00 · 2022-10-31 11:28:37 +00:00
parent 1a22bef116 0c61a749b7
commit 2dc2757cca
4 changed files with 68 additions and 3 deletions
--- a/library/bignum_mod.c
+++ b/library/bignum_mod.c
@ -77,7 +77,14 @@ void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m )
    switch( m->int_rep )
    {
        case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
-            mbedtls_free( m->rep.mont );
+            if (m->rep.mont.rr != NULL)
+            {
+                mbedtls_platform_zeroize( (mbedtls_mpi_uint *) m->rep.mont.rr,
+                                           m->limbs );
+                mbedtls_free( (mbedtls_mpi_uint *)m->rep.mont.rr );
+                m->rep.mont.rr = NULL;
+            }
+            m->rep.mont.mm = 0;
            break;
        case MBEDTLS_MPI_MOD_REP_OPT_RED:
            mbedtls_free( m->rep.ored );
@ -93,6 +100,41 @@ void mbedtls_mpi_mod_modulus_free( mbedtls_mpi_mod_modulus *m )
    m->int_rep = MBEDTLS_MPI_MOD_REP_INVALID;
 }

+static int set_mont_const_square( const mbedtls_mpi_uint **X,
+                                  const mbedtls_mpi_uint *A,
+                                  size_t limbs )
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_mpi N;
+    mbedtls_mpi RR;
+    *X = NULL;
+
+    mbedtls_mpi_init( &N );
+    mbedtls_mpi_init( &RR );
+
+    if ( A == NULL || limbs == 0 || limbs >= ( MBEDTLS_MPI_MAX_LIMBS / 2 ) - 2 )
+        goto cleanup;
+
+    if ( mbedtls_mpi_grow( &N, limbs ) )
+        goto cleanup;
+
+    memcpy( N.p, A, sizeof(mbedtls_mpi_uint) * limbs );
+
+    ret = mbedtls_mpi_core_get_mont_r2_unsafe(&RR, &N);
+
+    if ( ret == 0 )
+    {
+        *X = RR.p;
+        RR.p = NULL;
+    }
+
+cleanup:
+    mbedtls_mpi_free(&N);
+    mbedtls_mpi_free(&RR);
+    ret = ( ret != 0 ) ? MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED : 0;
+    return( ret );
+}
+
 int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m,
                                   const mbedtls_mpi_uint *p,
                                   size_t p_limbs,
@ -120,7 +162,8 @@ int mbedtls_mpi_mod_modulus_setup( mbedtls_mpi_mod_modulus *m,
    {
        case MBEDTLS_MPI_MOD_REP_MONTGOMERY:
            m->int_rep = int_rep;
-            m->rep.mont = NULL;
+            m->rep.mont.mm = mbedtls_mpi_core_montmul_init( m->p );
+            ret = set_mont_const_square( &m->rep.mont.rr, m->p, m->limbs );
            break;
        case MBEDTLS_MPI_MOD_REP_OPT_RED:
            m->int_rep = int_rep;
--- a/library/bignum_mod.h
+++ b/library/bignum_mod.h
@ -53,7 +53,11 @@ typedef struct
    size_t limbs;
 } mbedtls_mpi_mod_residue;

-typedef void *mbedtls_mpi_mont_struct;
+typedef struct {
+    mbedtls_mpi_uint const *rr;  /* The residue for 2^{2*n*biL} mod N */
+    mbedtls_mpi_uint mm;         /* Montgomery const for -N^{-1} mod 2^{ciL} */
+} mbedtls_mpi_mont_struct;
+
 typedef void *mbedtls_mpi_opt_red_struct;

 typedef struct {