EIC code displayed by LXR |
|
|
|
|||
File indexing completed on 2025-08-27 09:37:29
0001 /** 0002 * \file bignum.h 0003 * 0004 * \brief Multi-precision integer library 0005 */ 0006 /* 0007 * Copyright The Mbed TLS Contributors 0008 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 0009 */ 0010 #ifndef MBEDTLS_BIGNUM_H 0011 #define MBEDTLS_BIGNUM_H 0012 #include "mbedtls/private_access.h" 0013 0014 #include "mbedtls/build_info.h" 0015 0016 #include <stddef.h> 0017 #include <stdint.h> 0018 0019 #if defined(MBEDTLS_FS_IO) 0020 #include <stdio.h> 0021 #endif 0022 0023 /** An error occurred while reading from or writing to a file. */ 0024 #define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002 0025 /** Bad input parameters to function. */ 0026 #define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 0027 /** There is an invalid character in the digit string. */ 0028 #define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 0029 /** The buffer is too small to write to. */ 0030 #define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 0031 /** The input arguments are negative or result in illegal output. */ 0032 #define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A 0033 /** The input argument for division is zero, which is not allowed. */ 0034 #define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C 0035 /** The input arguments are not acceptable. */ 0036 #define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E 0037 /** Memory allocation failed. */ 0038 #define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010 0039 0040 #define MBEDTLS_MPI_CHK(f) \ 0041 do \ 0042 { \ 0043 if ((ret = (f)) != 0) \ 0044 goto cleanup; \ 0045 } while (0) 0046 0047 /* 0048 * Maximum size MPIs are allowed to grow to in number of limbs. 0049 */ 0050 #define MBEDTLS_MPI_MAX_LIMBS 10000 0051 0052 #if !defined(MBEDTLS_MPI_WINDOW_SIZE) 0053 /* 0054 * Maximum window size used for modular exponentiation. Default: 3 0055 * Minimum value: 1. Maximum value: 6. 0056 * 0057 * Result is an array of ( 2 ** MBEDTLS_MPI_WINDOW_SIZE ) MPIs used 0058 * for the sliding window calculation. (So 8 by default) 0059 * 0060 * Reduction in size, reduces speed. 0061 */ 0062 #define MBEDTLS_MPI_WINDOW_SIZE 3 /**< Maximum window size used. */ 0063 #endif /* !MBEDTLS_MPI_WINDOW_SIZE */ 0064 0065 #if !defined(MBEDTLS_MPI_MAX_SIZE) 0066 /* 0067 * Maximum size of MPIs allowed in bits and bytes for user-MPIs. 0068 * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits ) 0069 * 0070 * Note: Calculations can temporarily result in larger MPIs. So the number 0071 * of limbs required (MBEDTLS_MPI_MAX_LIMBS) is higher. 0072 */ 0073 #define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ 0074 #endif /* !MBEDTLS_MPI_MAX_SIZE */ 0075 0076 #define MBEDTLS_MPI_MAX_BITS (8 * MBEDTLS_MPI_MAX_SIZE) /**< Maximum number of bits for usable MPIs. */ 0077 0078 /* 0079 * When reading from files with mbedtls_mpi_read_file() and writing to files with 0080 * mbedtls_mpi_write_file() the buffer should have space 0081 * for a (short) label, the MPI (in the provided radix), the newline 0082 * characters and the '\0'. 0083 * 0084 * By default we assume at least a 10 char label, a minimum radix of 10 0085 * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars). 0086 * Autosized at compile time for at least a 10 char label, a minimum radix 0087 * of 10 (decimal) for a number of MBEDTLS_MPI_MAX_BITS size. 0088 * 0089 * This used to be statically sized to 1250 for a maximum of 4096 bit 0090 * numbers (1234 decimal chars). 0091 * 0092 * Calculate using the formula: 0093 * MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) + 0094 * LabelSize + 6 0095 */ 0096 #define MBEDTLS_MPI_MAX_BITS_SCALE100 (100 * MBEDTLS_MPI_MAX_BITS) 0097 #define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332 0098 #define MBEDTLS_MPI_RW_BUFFER_SIZE (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \ 0099 MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \ 0100 MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6) 0101 0102 /* 0103 * Define the base integer type, architecture-wise. 0104 * 0105 * 32 or 64-bit integer types can be forced regardless of the underlying 0106 * architecture by defining MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64 0107 * respectively and undefining MBEDTLS_HAVE_ASM. 0108 * 0109 * Double-width integers (e.g. 128-bit in 64-bit architectures) can be 0110 * disabled by defining MBEDTLS_NO_UDBL_DIVISION. 0111 */ 0112 #if !defined(MBEDTLS_HAVE_INT32) 0113 #if defined(_MSC_VER) && defined(_M_AMD64) 0114 /* Always choose 64-bit when using MSC */ 0115 #if !defined(MBEDTLS_HAVE_INT64) 0116 #define MBEDTLS_HAVE_INT64 0117 #endif /* !MBEDTLS_HAVE_INT64 */ 0118 typedef int64_t mbedtls_mpi_sint; 0119 typedef uint64_t mbedtls_mpi_uint; 0120 #define MBEDTLS_MPI_UINT_MAX UINT64_MAX 0121 #elif defined(__GNUC__) && ( \ 0122 defined(__amd64__) || defined(__x86_64__) || \ 0123 defined(__ppc64__) || defined(__powerpc64__) || \ 0124 defined(__ia64__) || defined(__alpha__) || \ 0125 (defined(__sparc__) && defined(__arch64__)) || \ 0126 defined(__s390x__) || defined(__mips64) || \ 0127 defined(__aarch64__)) 0128 #if !defined(MBEDTLS_HAVE_INT64) 0129 #define MBEDTLS_HAVE_INT64 0130 #endif /* MBEDTLS_HAVE_INT64 */ 0131 typedef int64_t mbedtls_mpi_sint; 0132 typedef uint64_t mbedtls_mpi_uint; 0133 #define MBEDTLS_MPI_UINT_MAX UINT64_MAX 0134 #if !defined(MBEDTLS_NO_UDBL_DIVISION) 0135 /* mbedtls_t_udbl defined as 128-bit unsigned int */ 0136 typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI))); 0137 #define MBEDTLS_HAVE_UDBL 0138 #endif /* !MBEDTLS_NO_UDBL_DIVISION */ 0139 #elif defined(__ARMCC_VERSION) && defined(__aarch64__) 0140 /* 0141 * __ARMCC_VERSION is defined for both armcc and armclang and 0142 * __aarch64__ is only defined by armclang when compiling 64-bit code 0143 */ 0144 #if !defined(MBEDTLS_HAVE_INT64) 0145 #define MBEDTLS_HAVE_INT64 0146 #endif /* !MBEDTLS_HAVE_INT64 */ 0147 typedef int64_t mbedtls_mpi_sint; 0148 typedef uint64_t mbedtls_mpi_uint; 0149 #define MBEDTLS_MPI_UINT_MAX UINT64_MAX 0150 #if !defined(MBEDTLS_NO_UDBL_DIVISION) 0151 /* mbedtls_t_udbl defined as 128-bit unsigned int */ 0152 typedef __uint128_t mbedtls_t_udbl; 0153 #define MBEDTLS_HAVE_UDBL 0154 #endif /* !MBEDTLS_NO_UDBL_DIVISION */ 0155 #elif defined(MBEDTLS_HAVE_INT64) 0156 /* Force 64-bit integers with unknown compiler */ 0157 typedef int64_t mbedtls_mpi_sint; 0158 typedef uint64_t mbedtls_mpi_uint; 0159 #define MBEDTLS_MPI_UINT_MAX UINT64_MAX 0160 #endif 0161 #endif /* !MBEDTLS_HAVE_INT32 */ 0162 0163 #if !defined(MBEDTLS_HAVE_INT64) 0164 /* Default to 32-bit compilation */ 0165 #if !defined(MBEDTLS_HAVE_INT32) 0166 #define MBEDTLS_HAVE_INT32 0167 #endif /* !MBEDTLS_HAVE_INT32 */ 0168 typedef int32_t mbedtls_mpi_sint; 0169 typedef uint32_t mbedtls_mpi_uint; 0170 #define MBEDTLS_MPI_UINT_MAX UINT32_MAX 0171 #if !defined(MBEDTLS_NO_UDBL_DIVISION) 0172 typedef uint64_t mbedtls_t_udbl; 0173 #define MBEDTLS_HAVE_UDBL 0174 #endif /* !MBEDTLS_NO_UDBL_DIVISION */ 0175 #endif /* !MBEDTLS_HAVE_INT64 */ 0176 0177 /* 0178 * Sanity check that exactly one of MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64 is defined, 0179 * so that code elsewhere doesn't have to check. 0180 */ 0181 #if (!(defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64))) || \ 0182 (defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64)) 0183 #error "Only 32-bit or 64-bit limbs are supported in bignum" 0184 #endif 0185 0186 /** \typedef mbedtls_mpi_uint 0187 * \brief The type of machine digits in a bignum, called _limbs_. 0188 * 0189 * This is always an unsigned integer type with no padding bits. The size 0190 * is platform-dependent. 0191 */ 0192 0193 /** \typedef mbedtls_mpi_sint 0194 * \brief The signed type corresponding to #mbedtls_mpi_uint. 0195 * 0196 * This is always an signed integer type with no padding bits. The size 0197 * is platform-dependent. 0198 */ 0199 0200 #ifdef __cplusplus 0201 extern "C" { 0202 #endif 0203 0204 /** 0205 * \brief MPI structure 0206 */ 0207 typedef struct mbedtls_mpi { 0208 /** Pointer to limbs. 0209 * 0210 * This may be \c NULL if \c n is 0. 0211 */ 0212 mbedtls_mpi_uint *MBEDTLS_PRIVATE(p); 0213 0214 /** Sign: -1 if the mpi is negative, 1 otherwise. 0215 * 0216 * The number 0 must be represented with `s = +1`. Although many library 0217 * functions treat all-limbs-zero as equivalent to a valid representation 0218 * of 0 regardless of the sign bit, there are exceptions, so bignum 0219 * functions and external callers must always set \c s to +1 for the 0220 * number zero. 0221 * 0222 * Note that this implies that calloc() or `... = {0}` does not create 0223 * a valid MPI representation. You must call mbedtls_mpi_init(). 0224 */ 0225 signed short MBEDTLS_PRIVATE(s); 0226 0227 /** Total number of limbs in \c p. */ 0228 unsigned short MBEDTLS_PRIVATE(n); 0229 /* Make sure that MBEDTLS_MPI_MAX_LIMBS fits in n. 0230 * Use the same limit value on all platforms so that we don't have to 0231 * think about different behavior on the rare platforms where 0232 * unsigned short can store values larger than the minimum required by 0233 * the C language, which is 65535. 0234 */ 0235 #if MBEDTLS_MPI_MAX_LIMBS > 65535 0236 #error "MBEDTLS_MPI_MAX_LIMBS > 65535 is not supported" 0237 #endif 0238 } 0239 mbedtls_mpi; 0240 0241 /** 0242 * \brief Initialize an MPI context. 0243 * 0244 * This makes the MPI ready to be set or freed, 0245 * but does not define a value for the MPI. 0246 * 0247 * \param X The MPI context to initialize. This must not be \c NULL. 0248 */ 0249 void mbedtls_mpi_init(mbedtls_mpi *X); 0250 0251 /** 0252 * \brief This function frees the components of an MPI context. 0253 * 0254 * \param X The MPI context to be cleared. This may be \c NULL, 0255 * in which case this function is a no-op. If it is 0256 * not \c NULL, it must point to an initialized MPI. 0257 */ 0258 void mbedtls_mpi_free(mbedtls_mpi *X); 0259 0260 /** 0261 * \brief Enlarge an MPI to the specified number of limbs. 0262 * 0263 * \note This function does nothing if the MPI is 0264 * already large enough. 0265 * 0266 * \param X The MPI to grow. It must be initialized. 0267 * \param nblimbs The target number of limbs. 0268 * 0269 * \return \c 0 if successful. 0270 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0271 * \return Another negative error code on other kinds of failure. 0272 */ 0273 int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs); 0274 0275 /** 0276 * \brief This function resizes an MPI downwards, keeping at least the 0277 * specified number of limbs. 0278 * 0279 * If \c X is smaller than \c nblimbs, it is resized up 0280 * instead. 0281 * 0282 * \param X The MPI to shrink. This must point to an initialized MPI. 0283 * \param nblimbs The minimum number of limbs to keep. 0284 * 0285 * \return \c 0 if successful. 0286 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed 0287 * (this can only happen when resizing up). 0288 * \return Another negative error code on other kinds of failure. 0289 */ 0290 int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs); 0291 0292 /** 0293 * \brief Make a copy of an MPI. 0294 * 0295 * \param X The destination MPI. This must point to an initialized MPI. 0296 * \param Y The source MPI. This must point to an initialized MPI. 0297 * 0298 * \note The limb-buffer in the destination MPI is enlarged 0299 * if necessary to hold the value in the source MPI. 0300 * 0301 * \return \c 0 if successful. 0302 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0303 * \return Another negative error code on other kinds of failure. 0304 */ 0305 int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y); 0306 0307 /** 0308 * \brief Swap the contents of two MPIs. 0309 * 0310 * \param X The first MPI. It must be initialized. 0311 * \param Y The second MPI. It must be initialized. 0312 */ 0313 void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y); 0314 0315 /** 0316 * \brief Perform a safe conditional copy of MPI which doesn't 0317 * reveal whether the condition was true or not. 0318 * 0319 * \param X The MPI to conditionally assign to. This must point 0320 * to an initialized MPI. 0321 * \param Y The MPI to be assigned from. This must point to an 0322 * initialized MPI. 0323 * \param assign The condition deciding whether to perform the 0324 * assignment or not. Must be either 0 or 1: 0325 * * \c 1: Perform the assignment `X = Y`. 0326 * * \c 0: Keep the original value of \p X. 0327 * 0328 * \note This function is equivalent to 0329 * `if( assign ) mbedtls_mpi_copy( X, Y );` 0330 * except that it avoids leaking any information about whether 0331 * the assignment was done or not (the above code may leak 0332 * information through branch prediction and/or memory access 0333 * patterns analysis). 0334 * 0335 * \warning If \p assign is neither 0 nor 1, the result of this function 0336 * is indeterminate, and the resulting value in \p X might be 0337 * neither its original value nor the value in \p Y. 0338 * 0339 * \return \c 0 if successful. 0340 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0341 * \return Another negative error code on other kinds of failure. 0342 */ 0343 int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign); 0344 0345 /** 0346 * \brief Perform a safe conditional swap which doesn't 0347 * reveal whether the condition was true or not. 0348 * 0349 * \param X The first MPI. This must be initialized. 0350 * \param Y The second MPI. This must be initialized. 0351 * \param swap The condition deciding whether to perform 0352 * the swap or not. Must be either 0 or 1: 0353 * * \c 1: Swap the values of \p X and \p Y. 0354 * * \c 0: Keep the original values of \p X and \p Y. 0355 * 0356 * \note This function is equivalent to 0357 * if( swap ) mbedtls_mpi_swap( X, Y ); 0358 * except that it avoids leaking any information about whether 0359 * the swap was done or not (the above code may leak 0360 * information through branch prediction and/or memory access 0361 * patterns analysis). 0362 * 0363 * \warning If \p swap is neither 0 nor 1, the result of this function 0364 * is indeterminate, and both \p X and \p Y might end up with 0365 * values different to either of the original ones. 0366 * 0367 * \return \c 0 if successful. 0368 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0369 * \return Another negative error code on other kinds of failure. 0370 * 0371 */ 0372 int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap); 0373 0374 /** 0375 * \brief Store integer value in MPI. 0376 * 0377 * \param X The MPI to set. This must be initialized. 0378 * \param z The value to use. 0379 * 0380 * \return \c 0 if successful. 0381 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0382 * \return Another negative error code on other kinds of failure. 0383 */ 0384 int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z); 0385 0386 /** 0387 * \brief Get a specific bit from an MPI. 0388 * 0389 * \param X The MPI to query. This must be initialized. 0390 * \param pos Zero-based index of the bit to query. 0391 * 0392 * \return \c 0 or \c 1 on success, depending on whether bit \c pos 0393 * of \c X is unset or set. 0394 * \return A negative error code on failure. 0395 */ 0396 int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos); 0397 0398 /** 0399 * \brief Modify a specific bit in an MPI. 0400 * 0401 * \note This function will grow the target MPI if necessary to set a 0402 * bit to \c 1 in a not yet existing limb. It will not grow if 0403 * the bit should be set to \c 0. 0404 * 0405 * \param X The MPI to modify. This must be initialized. 0406 * \param pos Zero-based index of the bit to modify. 0407 * \param val The desired value of bit \c pos: \c 0 or \c 1. 0408 * 0409 * \return \c 0 if successful. 0410 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0411 * \return Another negative error code on other kinds of failure. 0412 */ 0413 int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val); 0414 0415 /** 0416 * \brief Return the number of bits of value \c 0 before the 0417 * least significant bit of value \c 1. 0418 * 0419 * \note This is the same as the zero-based index of 0420 * the least significant bit of value \c 1. 0421 * 0422 * \param X The MPI to query. 0423 * 0424 * \return The number of bits of value \c 0 before the least significant 0425 * bit of value \c 1 in \p X. 0426 */ 0427 size_t mbedtls_mpi_lsb(const mbedtls_mpi *X); 0428 0429 /** 0430 * \brief Return the number of bits up to and including the most 0431 * significant bit of value \c 1. 0432 * 0433 * * \note This is same as the one-based index of the most 0434 * significant bit of value \c 1. 0435 * 0436 * \param X The MPI to query. This must point to an initialized MPI. 0437 * 0438 * \return The number of bits up to and including the most 0439 * significant bit of value \c 1. 0440 */ 0441 size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X); 0442 0443 /** 0444 * \brief Return the total size of an MPI value in bytes. 0445 * 0446 * \param X The MPI to use. This must point to an initialized MPI. 0447 * 0448 * \note The value returned by this function may be less than 0449 * the number of bytes used to store \p X internally. 0450 * This happens if and only if there are trailing bytes 0451 * of value zero. 0452 * 0453 * \return The least number of bytes capable of storing 0454 * the absolute value of \p X. 0455 */ 0456 size_t mbedtls_mpi_size(const mbedtls_mpi *X); 0457 0458 /** 0459 * \brief Import an MPI from an ASCII string. 0460 * 0461 * \param X The destination MPI. This must point to an initialized MPI. 0462 * \param radix The numeric base of the input string. 0463 * \param s Null-terminated string buffer. 0464 * 0465 * \return \c 0 if successful. 0466 * \return A negative error code on failure. 0467 */ 0468 int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s); 0469 0470 /** 0471 * \brief Export an MPI to an ASCII string. 0472 * 0473 * \param X The source MPI. This must point to an initialized MPI. 0474 * \param radix The numeric base of the output string. 0475 * \param buf The buffer to write the string to. This must be writable 0476 * buffer of length \p buflen Bytes. 0477 * \param buflen The available size in Bytes of \p buf. 0478 * \param olen The address at which to store the length of the string 0479 * written, including the final \c NULL byte. This must 0480 * not be \c NULL. 0481 * 0482 * \note You can call this function with `buflen == 0` to obtain the 0483 * minimum required buffer size in `*olen`. 0484 * 0485 * \return \c 0 if successful. 0486 * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the target buffer \p buf 0487 * is too small to hold the value of \p X in the desired base. 0488 * In this case, `*olen` is nonetheless updated to contain the 0489 * size of \p buf required for a successful call. 0490 * \return Another negative error code on different kinds of failure. 0491 */ 0492 int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, 0493 char *buf, size_t buflen, size_t *olen); 0494 0495 #if defined(MBEDTLS_FS_IO) 0496 /** 0497 * \brief Read an MPI from a line in an opened file. 0498 * 0499 * \param X The destination MPI. This must point to an initialized MPI. 0500 * \param radix The numeric base of the string representation used 0501 * in the source line. 0502 * \param fin The input file handle to use. This must not be \c NULL. 0503 * 0504 * \note On success, this function advances the file stream 0505 * to the end of the current line or to EOF. 0506 * 0507 * The function returns \c 0 on an empty line. 0508 * 0509 * Leading whitespaces are ignored, as is a 0510 * '0x' prefix for radix \c 16. 0511 * 0512 * \return \c 0 if successful. 0513 * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the file read buffer 0514 * is too small. 0515 * \return Another negative error code on failure. 0516 */ 0517 int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin); 0518 0519 /** 0520 * \brief Export an MPI into an opened file. 0521 * 0522 * \param p A string prefix to emit prior to the MPI data. 0523 * For example, this might be a label, or "0x" when 0524 * printing in base \c 16. This may be \c NULL if no prefix 0525 * is needed. 0526 * \param X The source MPI. This must point to an initialized MPI. 0527 * \param radix The numeric base to be used in the emitted string. 0528 * \param fout The output file handle. This may be \c NULL, in which case 0529 * the output is written to \c stdout. 0530 * 0531 * \return \c 0 if successful. 0532 * \return A negative error code on failure. 0533 */ 0534 int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X, 0535 int radix, FILE *fout); 0536 #endif /* MBEDTLS_FS_IO */ 0537 0538 /** 0539 * \brief Import an MPI from unsigned big endian binary data. 0540 * 0541 * \param X The destination MPI. This must point to an initialized MPI. 0542 * \param buf The input buffer. This must be a readable buffer of length 0543 * \p buflen Bytes. 0544 * \param buflen The length of the input buffer \p buf in Bytes. 0545 * 0546 * \return \c 0 if successful. 0547 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0548 * \return Another negative error code on different kinds of failure. 0549 */ 0550 int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, 0551 size_t buflen); 0552 0553 /** 0554 * \brief Import X from unsigned binary data, little endian 0555 * 0556 * \param X The destination MPI. This must point to an initialized MPI. 0557 * \param buf The input buffer. This must be a readable buffer of length 0558 * \p buflen Bytes. 0559 * \param buflen The length of the input buffer \p buf in Bytes. 0560 * 0561 * \return \c 0 if successful. 0562 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0563 * \return Another negative error code on different kinds of failure. 0564 */ 0565 int mbedtls_mpi_read_binary_le(mbedtls_mpi *X, 0566 const unsigned char *buf, size_t buflen); 0567 0568 /** 0569 * \brief Export X into unsigned binary data, big endian. 0570 * Always fills the whole buffer, which will start with zeros 0571 * if the number is smaller. 0572 * 0573 * \param X The source MPI. This must point to an initialized MPI. 0574 * \param buf The output buffer. This must be a writable buffer of length 0575 * \p buflen Bytes. 0576 * \param buflen The size of the output buffer \p buf in Bytes. 0577 * 0578 * \return \c 0 if successful. 0579 * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't 0580 * large enough to hold the value of \p X. 0581 * \return Another negative error code on different kinds of failure. 0582 */ 0583 int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf, 0584 size_t buflen); 0585 0586 /** 0587 * \brief Export X into unsigned binary data, little endian. 0588 * Always fills the whole buffer, which will end with zeros 0589 * if the number is smaller. 0590 * 0591 * \param X The source MPI. This must point to an initialized MPI. 0592 * \param buf The output buffer. This must be a writable buffer of length 0593 * \p buflen Bytes. 0594 * \param buflen The size of the output buffer \p buf in Bytes. 0595 * 0596 * \return \c 0 if successful. 0597 * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't 0598 * large enough to hold the value of \p X. 0599 * \return Another negative error code on different kinds of failure. 0600 */ 0601 int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X, 0602 unsigned char *buf, size_t buflen); 0603 0604 /** 0605 * \brief Perform a left-shift on an MPI: X <<= count 0606 * 0607 * \param X The MPI to shift. This must point to an initialized MPI. 0608 * The MPI pointed by \p X may be resized to fit 0609 * the resulting number. 0610 * \param count The number of bits to shift by. 0611 * 0612 * \return \c 0 if successful. 0613 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0614 * \return Another negative error code on different kinds of failure. 0615 */ 0616 int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count); 0617 0618 /** 0619 * \brief Perform a right-shift on an MPI: X >>= count 0620 * 0621 * \param X The MPI to shift. This must point to an initialized MPI. 0622 * \param count The number of bits to shift by. 0623 * 0624 * \return \c 0 if successful. 0625 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0626 * \return Another negative error code on different kinds of failure. 0627 */ 0628 int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count); 0629 0630 /** 0631 * \brief Compare the absolute values of two MPIs. 0632 * 0633 * \param X The left-hand MPI. This must point to an initialized MPI. 0634 * \param Y The right-hand MPI. This must point to an initialized MPI. 0635 * 0636 * \return \c 1 if `|X|` is greater than `|Y|`. 0637 * \return \c -1 if `|X|` is lesser than `|Y|`. 0638 * \return \c 0 if `|X|` is equal to `|Y|`. 0639 */ 0640 int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y); 0641 0642 /** 0643 * \brief Compare two MPIs. 0644 * 0645 * \param X The left-hand MPI. This must point to an initialized MPI. 0646 * \param Y The right-hand MPI. This must point to an initialized MPI. 0647 * 0648 * \return \c 1 if \p X is greater than \p Y. 0649 * \return \c -1 if \p X is lesser than \p Y. 0650 * \return \c 0 if \p X is equal to \p Y. 0651 */ 0652 int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y); 0653 0654 /** 0655 * \brief Check if an MPI is less than the other in constant time. 0656 * 0657 * \param X The left-hand MPI. This must point to an initialized MPI 0658 * with the same allocated length as Y. 0659 * \param Y The right-hand MPI. This must point to an initialized MPI 0660 * with the same allocated length as X. 0661 * \param ret The result of the comparison: 0662 * \c 1 if \p X is less than \p Y. 0663 * \c 0 if \p X is greater than or equal to \p Y. 0664 * 0665 * \return 0 on success. 0666 * \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of 0667 * the two input MPIs is not the same. 0668 */ 0669 int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y, 0670 unsigned *ret); 0671 0672 /** 0673 * \brief Compare an MPI with an integer. 0674 * 0675 * \param X The left-hand MPI. This must point to an initialized MPI. 0676 * \param z The integer value to compare \p X to. 0677 * 0678 * \return \c 1 if \p X is greater than \p z. 0679 * \return \c -1 if \p X is lesser than \p z. 0680 * \return \c 0 if \p X is equal to \p z. 0681 */ 0682 int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z); 0683 0684 /** 0685 * \brief Perform an unsigned addition of MPIs: X = |A| + |B| 0686 * 0687 * \param X The destination MPI. This must point to an initialized MPI. 0688 * \param A The first summand. This must point to an initialized MPI. 0689 * \param B The second summand. This must point to an initialized MPI. 0690 * 0691 * \return \c 0 if successful. 0692 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0693 * \return Another negative error code on different kinds of failure. 0694 */ 0695 int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, 0696 const mbedtls_mpi *B); 0697 0698 /** 0699 * \brief Perform an unsigned subtraction of MPIs: X = |A| - |B| 0700 * 0701 * \param X The destination MPI. This must point to an initialized MPI. 0702 * \param A The minuend. This must point to an initialized MPI. 0703 * \param B The subtrahend. This must point to an initialized MPI. 0704 * 0705 * \return \c 0 if successful. 0706 * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is greater than \p A. 0707 * \return Another negative error code on different kinds of failure. 0708 * 0709 */ 0710 int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, 0711 const mbedtls_mpi *B); 0712 0713 /** 0714 * \brief Perform a signed addition of MPIs: X = A + B 0715 * 0716 * \param X The destination MPI. This must point to an initialized MPI. 0717 * \param A The first summand. This must point to an initialized MPI. 0718 * \param B The second summand. This must point to an initialized MPI. 0719 * 0720 * \return \c 0 if successful. 0721 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0722 * \return Another negative error code on different kinds of failure. 0723 */ 0724 int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, 0725 const mbedtls_mpi *B); 0726 0727 /** 0728 * \brief Perform a signed subtraction of MPIs: X = A - B 0729 * 0730 * \param X The destination MPI. This must point to an initialized MPI. 0731 * \param A The minuend. This must point to an initialized MPI. 0732 * \param B The subtrahend. This must point to an initialized MPI. 0733 * 0734 * \return \c 0 if successful. 0735 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0736 * \return Another negative error code on different kinds of failure. 0737 */ 0738 int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, 0739 const mbedtls_mpi *B); 0740 0741 /** 0742 * \brief Perform a signed addition of an MPI and an integer: X = A + b 0743 * 0744 * \param X The destination MPI. This must point to an initialized MPI. 0745 * \param A The first summand. This must point to an initialized MPI. 0746 * \param b The second summand. 0747 * 0748 * \return \c 0 if successful. 0749 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0750 * \return Another negative error code on different kinds of failure. 0751 */ 0752 int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, 0753 mbedtls_mpi_sint b); 0754 0755 /** 0756 * \brief Perform a signed subtraction of an MPI and an integer: 0757 * X = A - b 0758 * 0759 * \param X The destination MPI. This must point to an initialized MPI. 0760 * \param A The minuend. This must point to an initialized MPI. 0761 * \param b The subtrahend. 0762 * 0763 * \return \c 0 if successful. 0764 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0765 * \return Another negative error code on different kinds of failure. 0766 */ 0767 int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, 0768 mbedtls_mpi_sint b); 0769 0770 /** 0771 * \brief Perform a multiplication of two MPIs: X = A * B 0772 * 0773 * \param X The destination MPI. This must point to an initialized MPI. 0774 * \param A The first factor. This must point to an initialized MPI. 0775 * \param B The second factor. This must point to an initialized MPI. 0776 * 0777 * \return \c 0 if successful. 0778 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0779 * \return Another negative error code on different kinds of failure. 0780 * 0781 */ 0782 int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, 0783 const mbedtls_mpi *B); 0784 0785 /** 0786 * \brief Perform a multiplication of an MPI with an unsigned integer: 0787 * X = A * b 0788 * 0789 * \param X The destination MPI. This must point to an initialized MPI. 0790 * \param A The first factor. This must point to an initialized MPI. 0791 * \param b The second factor. 0792 * 0793 * \return \c 0 if successful. 0794 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0795 * \return Another negative error code on different kinds of failure. 0796 * 0797 */ 0798 int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A, 0799 mbedtls_mpi_uint b); 0800 0801 /** 0802 * \brief Perform a division with remainder of two MPIs: 0803 * A = Q * B + R 0804 * 0805 * \param Q The destination MPI for the quotient. 0806 * This may be \c NULL if the value of the 0807 * quotient is not needed. This must not alias A or B. 0808 * \param R The destination MPI for the remainder value. 0809 * This may be \c NULL if the value of the 0810 * remainder is not needed. This must not alias A or B. 0811 * \param A The dividend. This must point to an initialized MPI. 0812 * \param B The divisor. This must point to an initialized MPI. 0813 * 0814 * \return \c 0 if successful. 0815 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0816 * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero. 0817 * \return Another negative error code on different kinds of failure. 0818 */ 0819 int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, 0820 const mbedtls_mpi *B); 0821 0822 /** 0823 * \brief Perform a division with remainder of an MPI by an integer: 0824 * A = Q * b + R 0825 * 0826 * \param Q The destination MPI for the quotient. 0827 * This may be \c NULL if the value of the 0828 * quotient is not needed. This must not alias A. 0829 * \param R The destination MPI for the remainder value. 0830 * This may be \c NULL if the value of the 0831 * remainder is not needed. This must not alias A. 0832 * \param A The dividend. This must point to an initialized MPi. 0833 * \param b The divisor. 0834 * 0835 * \return \c 0 if successful. 0836 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. 0837 * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero. 0838 * \return Another negative error code on different kinds of failure. 0839 */ 0840 int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, 0841 mbedtls_mpi_sint b); 0842 0843 /** 0844 * \brief Perform a modular reduction. R = A mod B 0845 * 0846 * \param R The destination MPI for the residue value. 0847 * This must point to an initialized MPI. 0848 * \param A The MPI to compute the residue of. 0849 * This must point to an initialized MPI. 0850 * \param B The base of the modular reduction. 0851 * This must point to an initialized MPI. 0852 * 0853 * \return \c 0 if successful. 0854 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0855 * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero. 0856 * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is negative. 0857 * \return Another negative error code on different kinds of failure. 0858 * 0859 */ 0860 int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, 0861 const mbedtls_mpi *B); 0862 0863 /** 0864 * \brief Perform a modular reduction with respect to an integer. 0865 * r = A mod b 0866 * 0867 * \param r The address at which to store the residue. 0868 * This must not be \c NULL. 0869 * \param A The MPI to compute the residue of. 0870 * This must point to an initialized MPi. 0871 * \param b The integer base of the modular reduction. 0872 * 0873 * \return \c 0 if successful. 0874 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0875 * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero. 0876 * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative. 0877 * \return Another negative error code on different kinds of failure. 0878 */ 0879 int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A, 0880 mbedtls_mpi_sint b); 0881 0882 /** 0883 * \brief Perform a modular exponentiation: X = A^E mod N 0884 * 0885 * \param X The destination MPI. This must point to an initialized MPI. 0886 * This must not alias E or N. 0887 * \param A The base of the exponentiation. 0888 * This must point to an initialized MPI. 0889 * \param E The exponent MPI. This must point to an initialized MPI. 0890 * \param N The base for the modular reduction. This must point to an 0891 * initialized MPI. 0892 * \param prec_RR A helper MPI depending solely on \p N which can be used to 0893 * speed-up multiple modular exponentiations for the same value 0894 * of \p N. This may be \c NULL. If it is not \c NULL, it must 0895 * point to an initialized MPI. If it hasn't been used after 0896 * the call to mbedtls_mpi_init(), this function will compute 0897 * the helper value and store it in \p prec_RR for reuse on 0898 * subsequent calls to this function. Otherwise, the function 0899 * will assume that \p prec_RR holds the helper value set by a 0900 * previous call to mbedtls_mpi_exp_mod(), and reuse it. 0901 * 0902 * \return \c 0 if successful. 0903 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0904 * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \c N is negative or 0905 * even, or if \c E is negative. 0906 * \return Another negative error code on different kinds of failures. 0907 * 0908 */ 0909 int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, 0910 const mbedtls_mpi *E, const mbedtls_mpi *N, 0911 mbedtls_mpi *prec_RR); 0912 0913 /** 0914 * \brief Fill an MPI with a number of random bytes. 0915 * 0916 * \param X The destination MPI. This must point to an initialized MPI. 0917 * \param size The number of random bytes to generate. 0918 * \param f_rng The RNG function to use. This must not be \c NULL. 0919 * \param p_rng The RNG parameter to be passed to \p f_rng. This may be 0920 * \c NULL if \p f_rng doesn't need a context argument. 0921 * 0922 * \return \c 0 if successful. 0923 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0924 * \return Another negative error code on failure. 0925 * 0926 * \note The bytes obtained from the RNG are interpreted 0927 * as a big-endian representation of an MPI; this can 0928 * be relevant in applications like deterministic ECDSA. 0929 */ 0930 int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size, 0931 int (*f_rng)(void *, unsigned char *, size_t), 0932 void *p_rng); 0933 0934 /** Generate a random number uniformly in a range. 0935 * 0936 * This function generates a random number between \p min inclusive and 0937 * \p N exclusive. 0938 * 0939 * The procedure complies with RFC 6979 ยง3.3 (deterministic ECDSA) 0940 * when the RNG is a suitably parametrized instance of HMAC_DRBG 0941 * and \p min is \c 1. 0942 * 0943 * \note There are `N - min` possible outputs. The lower bound 0944 * \p min can be reached, but the upper bound \p N cannot. 0945 * 0946 * \param X The destination MPI. This must point to an initialized MPI. 0947 * \param min The minimum value to return. 0948 * It must be nonnegative. 0949 * \param N The upper bound of the range, exclusive. 0950 * In other words, this is one plus the maximum value to return. 0951 * \p N must be strictly larger than \p min. 0952 * \param f_rng The RNG function to use. This must not be \c NULL. 0953 * \param p_rng The RNG parameter to be passed to \p f_rng. 0954 * 0955 * \return \c 0 if successful. 0956 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0957 * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p min or \p N is invalid 0958 * or if they are incompatible. 0959 * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if the implementation was 0960 * unable to find a suitable value within a limited number 0961 * of attempts. This has a negligible probability if \p N 0962 * is significantly larger than \p min, which is the case 0963 * for all usual cryptographic applications. 0964 * \return Another negative error code on failure. 0965 */ 0966 int mbedtls_mpi_random(mbedtls_mpi *X, 0967 mbedtls_mpi_sint min, 0968 const mbedtls_mpi *N, 0969 int (*f_rng)(void *, unsigned char *, size_t), 0970 void *p_rng); 0971 0972 /** 0973 * \brief Compute the greatest common divisor: G = gcd(A, B) 0974 * 0975 * \param G The destination MPI. This must point to an initialized MPI. 0976 * \param A The first operand. This must point to an initialized MPI. 0977 * \param B The second operand. This must point to an initialized MPI. 0978 * 0979 * \return \c 0 if successful. 0980 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0981 * \return Another negative error code on different kinds of failure. 0982 */ 0983 int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, 0984 const mbedtls_mpi *B); 0985 0986 /** 0987 * \brief Compute the modular inverse: X = A^-1 mod N 0988 * 0989 * \param X The destination MPI. This must point to an initialized MPI. 0990 * \param A The MPI to calculate the modular inverse of. This must point 0991 * to an initialized MPI. 0992 * \param N The base of the modular inversion. This must point to an 0993 * initialized MPI. 0994 * 0995 * \return \c 0 if successful. 0996 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 0997 * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than 0998 * or equal to one. 0999 * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p A has no modular 1000 * inverse with respect to \p N. 1001 */ 1002 int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, 1003 const mbedtls_mpi *N); 1004 1005 /** 1006 * \brief Miller-Rabin primality test. 1007 * 1008 * \warning If \p X is potentially generated by an adversary, for example 1009 * when validating cryptographic parameters that you didn't 1010 * generate yourself and that are supposed to be prime, then 1011 * \p rounds should be at least the half of the security 1012 * strength of the cryptographic algorithm. On the other hand, 1013 * if \p X is chosen uniformly or non-adversarially (as is the 1014 * case when mbedtls_mpi_gen_prime calls this function), then 1015 * \p rounds can be much lower. 1016 * 1017 * \param X The MPI to check for primality. 1018 * This must point to an initialized MPI. 1019 * \param rounds The number of bases to perform the Miller-Rabin primality 1020 * test for. The probability of returning 0 on a composite is 1021 * at most 2<sup>-2*\p rounds </sup>. 1022 * \param f_rng The RNG function to use. This must not be \c NULL. 1023 * \param p_rng The RNG parameter to be passed to \p f_rng. 1024 * This may be \c NULL if \p f_rng doesn't use 1025 * a context parameter. 1026 * 1027 * \return \c 0 if successful, i.e. \p X is probably prime. 1028 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 1029 * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime. 1030 * \return Another negative error code on other kinds of failure. 1031 */ 1032 int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds, 1033 int (*f_rng)(void *, unsigned char *, size_t), 1034 void *p_rng); 1035 /** 1036 * \brief Flags for mbedtls_mpi_gen_prime() 1037 * 1038 * Each of these flags is a constraint on the result X returned by 1039 * mbedtls_mpi_gen_prime(). 1040 */ 1041 typedef enum { 1042 MBEDTLS_MPI_GEN_PRIME_FLAG_DH = 0x0001, /**< (X-1)/2 is prime too */ 1043 MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR = 0x0002, /**< lower error rate from 2<sup>-80</sup> to 2<sup>-128</sup> */ 1044 } mbedtls_mpi_gen_prime_flag_t; 1045 1046 /** 1047 * \brief Generate a prime number. 1048 * 1049 * \param X The destination MPI to store the generated prime in. 1050 * This must point to an initialized MPi. 1051 * \param nbits The required size of the destination MPI in bits. 1052 * This must be between \c 3 and #MBEDTLS_MPI_MAX_BITS. 1053 * \param flags A mask of flags of type #mbedtls_mpi_gen_prime_flag_t. 1054 * \param f_rng The RNG function to use. This must not be \c NULL. 1055 * \param p_rng The RNG parameter to be passed to \p f_rng. 1056 * This may be \c NULL if \p f_rng doesn't use 1057 * a context parameter. 1058 * 1059 * \return \c 0 if successful, in which case \p X holds a 1060 * probably prime number. 1061 * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed. 1062 * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between 1063 * \c 3 and #MBEDTLS_MPI_MAX_BITS. 1064 */ 1065 int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags, 1066 int (*f_rng)(void *, unsigned char *, size_t), 1067 void *p_rng); 1068 1069 #if defined(MBEDTLS_SELF_TEST) 1070 1071 /** 1072 * \brief Checkup routine 1073 * 1074 * \return 0 if successful, or 1 if the test failed 1075 */ 1076 int mbedtls_mpi_self_test(int verbose); 1077 1078 #endif /* MBEDTLS_SELF_TEST */ 1079 1080 #ifdef __cplusplus 1081 } 1082 #endif 1083 1084 #endif /* bignum.h */
| [ Source navigation ] | [ Diff markup ] | [ Identifier search ] | [ general search ] |
|
This page was automatically generated by the 2.3.7 LXR engine. The LXR team |
|