Bignum: Implement mbedtls_mpi_mod_raw_inv_prime() and tests

Fixes #6023. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2025-07-28 00:21:48 +03:00 · 2022-12-08 09:44:10 +00:00
parent a7f0d7b029
commit 6129268fee
6 changed files with 187 additions and 4 deletions
--- a/library/bignum_mod_raw.c
+++ b/library/bignum_mod_raw.c
@ -124,6 +124,34 @@ void mbedtls_mpi_mod_raw_sub( mbedtls_mpi_uint *X,

 /* BEGIN MERGE SLOT 3 */

+size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs( size_t AN_limbs )
+{
+    /* mbedtls_mpi_mod_raw_inv_prime() needs a temporary for the exponent,
+     * which will be the same size as the modulus and input (AN_limbs),
+     * and additional space to pass to mbedtls_mpi_core_exp_mod(). */
+    return( AN_limbs +
+            mbedtls_mpi_core_exp_mod_working_limbs( AN_limbs, AN_limbs ) );
+}
+
+void mbedtls_mpi_mod_raw_inv_prime( mbedtls_mpi_uint *X,
+                                    const mbedtls_mpi_uint *A,
+                                    const mbedtls_mpi_uint *N,
+                                    size_t AN_limbs,
+                                    const mbedtls_mpi_uint *RR,
+                                    mbedtls_mpi_uint *T )
+{
+    /* Inversion by power: g^|G| = 1 => g^(-1) = g^(|G|-1), and
+     *                       |G| = N - 1, so we want
+     *                 g^(|G|-1) = g^(N - 2)
+     */
+    mbedtls_mpi_uint *Nminus2 = T;
+    (void) mbedtls_mpi_core_sub_int( Nminus2, N, 2, AN_limbs );
+
+    mbedtls_mpi_core_exp_mod( X,
+                              A, N, AN_limbs, Nminus2, AN_limbs,
+                              RR, T + AN_limbs );
+}
+
 /* END MERGE SLOT 3 */

 /* BEGIN MERGE SLOT 4 */