NCBI C++ ToolKit
bignum.h
Go to the documentation of this file.

Go to the SVN repository for this file.

1 /**
2  * \file bignum.h
3  *
4  * \brief Multi-precision integer library
5  */
6 /*
7  * Copyright The Mbed TLS Contributors
8  * SPDX-License-Identifier: Apache-2.0
9  *
10  * Licensed under the Apache License, Version 2.0 (the "License"); you may
11  * not use this file except in compliance with the License.
12  * You may obtain a copy of the License at
13  *
14  * http://www.apache.org/licenses/LICENSE-2.0
15  *
16  * Unless required by applicable law or agreed to in writing, software
17  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19  * See the License for the specific language governing permissions and
20  * limitations under the License.
21  */
22 #ifndef MBEDTLS_BIGNUM_H
23 #define MBEDTLS_BIGNUM_H
24 
25 #if !defined(MBEDTLS_CONFIG_FILE)
26 #include "mbedtls/config.h"
27 #else
28 #include MBEDTLS_CONFIG_FILE
29 #endif
30 
31 #include <stddef.h>
32 #include <stdint.h>
33 
34 #if defined(MBEDTLS_FS_IO)
35 #include <stdio.h>
36 #endif
37 
38 /** An error occurred while reading from or writing to a file. */
39 #define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002
40 /** Bad input parameters to function. */
41 #define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004
42 /** There is an invalid character in the digit string. */
43 #define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006
44 /** The buffer is too small to write to. */
45 #define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008
46 /** The input arguments are negative or result in illegal output. */
47 #define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A
48 /** The input argument for division is zero, which is not allowed. */
49 #define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C
50 /** The input arguments are not acceptable. */
51 #define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E
52 /** Memory allocation failed. */
53 #define MBEDTLS_ERR_MPI_ALLOC_FAILED -0x0010
54 
55 #define MBEDTLS_MPI_CHK(f) \
56  do \
57  { \
58  if ((ret = (f)) != 0) \
59  goto cleanup; \
60  } while (0)
61 
62 /*
63  * Maximum size MPIs are allowed to grow to in number of limbs.
64  */
65 #define MBEDTLS_MPI_MAX_LIMBS 10000
66 
67 #if !defined(MBEDTLS_MPI_WINDOW_SIZE)
68 /*
69  * Maximum window size used for modular exponentiation. Default: 2
70  * Minimum value: 1. Maximum value: 6.
71  *
72  * Result is an array of ( 2 ** MBEDTLS_MPI_WINDOW_SIZE ) MPIs used
73  * for the sliding window calculation. (So 64 by default)
74  *
75  * Reduction in size, reduces speed.
76  */
77 #define MBEDTLS_MPI_WINDOW_SIZE 2 /**< Maximum window size used. */
78 #endif /* !MBEDTLS_MPI_WINDOW_SIZE */
79 
80 #if !defined(MBEDTLS_MPI_MAX_SIZE)
81 /*
82  * Maximum size of MPIs allowed in bits and bytes for user-MPIs.
83  * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits )
84  *
85  * Note: Calculations can temporarily result in larger MPIs. So the number
86  * of limbs required (MBEDTLS_MPI_MAX_LIMBS) is higher.
87  */
88 #define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
89 #endif /* !MBEDTLS_MPI_MAX_SIZE */
90 
91 #define MBEDTLS_MPI_MAX_BITS (8 * MBEDTLS_MPI_MAX_SIZE) /**< Maximum number of bits for usable MPIs. */
92 
93 /*
94  * When reading from files with mbedtls_mpi_read_file() and writing to files with
95  * mbedtls_mpi_write_file() the buffer should have space
96  * for a (short) label, the MPI (in the provided radix), the newline
97  * characters and the '\0'.
98  *
99  * By default we assume at least a 10 char label, a minimum radix of 10
100  * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars).
101  * Autosized at compile time for at least a 10 char label, a minimum radix
102  * of 10 (decimal) for a number of MBEDTLS_MPI_MAX_BITS size.
103  *
104  * This used to be statically sized to 1250 for a maximum of 4096 bit
105  * numbers (1234 decimal chars).
106  *
107  * Calculate using the formula:
108  * MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
109  * LabelSize + 6
110  */
111 #define MBEDTLS_MPI_MAX_BITS_SCALE100 (100 * MBEDTLS_MPI_MAX_BITS)
112 #define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332
113 #define MBEDTLS_MPI_RW_BUFFER_SIZE (((MBEDTLS_MPI_MAX_BITS_SCALE100 + \
114  MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / \
115  MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6)
116 
117 /*
118  * Define the base integer type, architecture-wise.
119  *
120  * 32 or 64-bit integer types can be forced regardless of the underlying
121  * architecture by defining MBEDTLS_HAVE_INT32 or MBEDTLS_HAVE_INT64
122  * respectively and undefining MBEDTLS_HAVE_ASM.
123  *
124  * Double-width integers (e.g. 128-bit in 64-bit architectures) can be
125  * disabled by defining MBEDTLS_NO_UDBL_DIVISION.
126  */
127 #if !defined(MBEDTLS_HAVE_INT32)
128  #if defined(_MSC_VER) && defined(_M_AMD64)
129 /* Always choose 64-bit when using MSC */
130  #if !defined(MBEDTLS_HAVE_INT64)
131  #define MBEDTLS_HAVE_INT64
132  #endif /* !MBEDTLS_HAVE_INT64 */
133 typedef int64_t mbedtls_mpi_sint;
134 typedef uint64_t mbedtls_mpi_uint;
135  #elif defined(__GNUC__) && ( \
136  defined(__amd64__) || defined(__x86_64__) || \
137  defined(__ppc64__) || defined(__powerpc64__) || \
138  defined(__ia64__) || defined(__alpha__) || \
139  (defined(__sparc__) && defined(__arch64__)) || \
140  defined(__s390x__) || defined(__mips64) || \
141  defined(__aarch64__))
142  #if !defined(MBEDTLS_HAVE_INT64)
143  #define MBEDTLS_HAVE_INT64
144  #endif /* MBEDTLS_HAVE_INT64 */
145 typedef int64_t mbedtls_mpi_sint;
146 typedef uint64_t mbedtls_mpi_uint;
147  #if !defined(MBEDTLS_NO_UDBL_DIVISION)
148 /* mbedtls_t_udbl defined as 128-bit unsigned int */
149 typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
150  #define MBEDTLS_HAVE_UDBL
151  #endif /* !MBEDTLS_NO_UDBL_DIVISION */
152  #elif defined(__ARMCC_VERSION) && defined(__aarch64__)
153 /*
154  * __ARMCC_VERSION is defined for both armcc and armclang and
155  * __aarch64__ is only defined by armclang when compiling 64-bit code
156  */
157  #if !defined(MBEDTLS_HAVE_INT64)
158  #define MBEDTLS_HAVE_INT64
159  #endif /* !MBEDTLS_HAVE_INT64 */
160 typedef int64_t mbedtls_mpi_sint;
161 typedef uint64_t mbedtls_mpi_uint;
162  #if !defined(MBEDTLS_NO_UDBL_DIVISION)
163 /* mbedtls_t_udbl defined as 128-bit unsigned int */
164 typedef __uint128_t mbedtls_t_udbl;
165  #define MBEDTLS_HAVE_UDBL
166  #endif /* !MBEDTLS_NO_UDBL_DIVISION */
167  #elif defined(MBEDTLS_HAVE_INT64)
168 /* Force 64-bit integers with unknown compiler */
169 typedef int64_t mbedtls_mpi_sint;
170 typedef uint64_t mbedtls_mpi_uint;
171  #endif
172 #endif /* !MBEDTLS_HAVE_INT32 */
173 
174 #if !defined(MBEDTLS_HAVE_INT64)
175 /* Default to 32-bit compilation */
176  #if !defined(MBEDTLS_HAVE_INT32)
177  #define MBEDTLS_HAVE_INT32
178  #endif /* !MBEDTLS_HAVE_INT32 */
181  #if !defined(MBEDTLS_NO_UDBL_DIVISION)
183  #define MBEDTLS_HAVE_UDBL
184  #endif /* !MBEDTLS_NO_UDBL_DIVISION */
185 #endif /* !MBEDTLS_HAVE_INT64 */
186 
187 /** \typedef mbedtls_mpi_uint
188  * \brief The type of machine digits in a bignum, called _limbs_.
189  *
190  * This is always an unsigned integer type with no padding bits. The size
191  * is platform-dependent.
192  */
193 
194 /** \typedef mbedtls_mpi_sint
195  * \brief The signed type corresponding to #mbedtls_mpi_uint.
196  *
197  * This is always a signed integer type with no padding bits. The size
198  * is platform-dependent.
199  */
200 
201 #ifdef __cplusplus
202 extern "C" {
203 #endif
204 
205 /**
206  * \brief MPI structure
207  */
208 typedef struct mbedtls_mpi {
209  /** Sign: -1 if the mpi is negative, 1 otherwise.
210  *
211  * The number 0 must be represented with `s = +1`. Although many library
212  * functions treat all-limbs-zero as equivalent to a valid representation
213  * of 0 regardless of the sign bit, there are exceptions, so bignum
214  * functions and external callers must always set \c s to +1 for the
215  * number zero.
216  *
217  * Note that this implies that calloc() or `... = {0}` does not create
218  * a valid MPI representation. You must call mbedtls_mpi_init().
219  */
220  int s;
221 
222  /** Total number of limbs in \c p. */
223  size_t n;
224 
225  /** Pointer to limbs.
226  *
227  * This may be \c NULL if \c n is 0.
228  */
230 }
232 
233 /**
234  * \brief Initialize an MPI context.
235  *
236  * This makes the MPI ready to be set or freed,
237  * but does not define a value for the MPI.
238  *
239  * \param X The MPI context to initialize. This must not be \c NULL.
240  */
242 
243 /**
244  * \brief This function frees the components of an MPI context.
245  *
246  * \param X The MPI context to be cleared. This may be \c NULL,
247  * in which case this function is a no-op. If it is
248  * not \c NULL, it must point to an initialized MPI.
249  */
251 
252 /**
253  * \brief Enlarge an MPI to the specified number of limbs.
254  *
255  * \note This function does nothing if the MPI is
256  * already large enough.
257  *
258  * \param X The MPI to grow. It must be initialized.
259  * \param nblimbs The target number of limbs.
260  *
261  * \return \c 0 if successful.
262  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
263  * \return Another negative error code on other kinds of failure.
264  */
265 int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs);
266 
267 /**
268  * \brief This function resizes an MPI downwards, keeping at least the
269  * specified number of limbs.
270  *
271  * If \c X is smaller than \c nblimbs, it is resized up
272  * instead.
273  *
274  * \param X The MPI to shrink. This must point to an initialized MPI.
275  * \param nblimbs The minimum number of limbs to keep.
276  *
277  * \return \c 0 if successful.
278  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed
279  * (this can only happen when resizing up).
280  * \return Another negative error code on other kinds of failure.
281  */
282 int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs);
283 
284 /**
285  * \brief Make a copy of an MPI.
286  *
287  * \param X The destination MPI. This must point to an initialized MPI.
288  * \param Y The source MPI. This must point to an initialized MPI.
289  *
290  * \note The limb-buffer in the destination MPI is enlarged
291  * if necessary to hold the value in the source MPI.
292  *
293  * \return \c 0 if successful.
294  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
295  * \return Another negative error code on other kinds of failure.
296  */
298 
299 /**
300  * \brief Swap the contents of two MPIs.
301  *
302  * \param X The first MPI. It must be initialized.
303  * \param Y The second MPI. It must be initialized.
304  */
306 
307 /**
308  * \brief Perform a safe conditional copy of MPI which doesn't
309  * reveal whether the condition was true or not.
310  *
311  * \param X The MPI to conditionally assign to. This must point
312  * to an initialized MPI.
313  * \param Y The MPI to be assigned from. This must point to an
314  * initialized MPI.
315  * \param assign The condition deciding whether to perform the
316  * assignment or not. Must be either 0 or 1:
317  * * \c 1: Perform the assignment `X = Y`.
318  * * \c 0: Keep the original value of \p X.
319  *
320  * \note This function is equivalent to
321  * `if( assign ) mbedtls_mpi_copy( X, Y );`
322  * except that it avoids leaking any information about whether
323  * the assignment was done or not (the above code may leak
324  * information through branch prediction and/or memory access
325  * patterns analysis).
326  *
327  * \warning If \p assign is neither 0 nor 1, the result of this function
328  * is indeterminate, and the resulting value in \p X might be
329  * neither its original value nor the value in \p Y.
330  *
331  * \return \c 0 if successful.
332  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
333  * \return Another negative error code on other kinds of failure.
334  */
335 int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign);
336 
337 /**
338  * \brief Perform a safe conditional swap which doesn't
339  * reveal whether the condition was true or not.
340  *
341  * \param X The first MPI. This must be initialized.
342  * \param Y The second MPI. This must be initialized.
343  * \param swap The condition deciding whether to perform
344  * the swap or not. Must be either 0 or 1:
345  * * \c 1: Swap the values of \p X and \p Y.
346  * * \c 0: Keep the original values of \p X and \p Y.
347  *
348  * \note This function is equivalent to
349  * if( swap ) mbedtls_mpi_swap( X, Y );
350  * except that it avoids leaking any information about whether
351  * the swap was done or not (the above code may leak
352  * information through branch prediction and/or memory access
353  * patterns analysis).
354  *
355  * \warning If \p swap is neither 0 nor 1, the result of this function
356  * is indeterminate, and both \p X and \p Y might end up with
357  * values different to either of the original ones.
358  *
359  * \return \c 0 if successful.
360  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
361  * \return Another negative error code on other kinds of failure.
362  *
363  */
365 
366 /**
367  * \brief Store integer value in MPI.
368  *
369  * \param X The MPI to set. This must be initialized.
370  * \param z The value to use.
371  *
372  * \return \c 0 if successful.
373  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
374  * \return Another negative error code on other kinds of failure.
375  */
377 
378 /**
379  * \brief Get a specific bit from an MPI.
380  *
381  * \param X The MPI to query. This must be initialized.
382  * \param pos Zero-based index of the bit to query.
383  *
384  * \return \c 0 or \c 1 on success, depending on whether bit \c pos
385  * of \c X is unset or set.
386  * \return A negative error code on failure.
387  */
388 int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos);
389 
390 /**
391  * \brief Modify a specific bit in an MPI.
392  *
393  * \note This function will grow the target MPI if necessary to set a
394  * bit to \c 1 in a not yet existing limb. It will not grow if
395  * the bit should be set to \c 0.
396  *
397  * \param X The MPI to modify. This must be initialized.
398  * \param pos Zero-based index of the bit to modify.
399  * \param val The desired value of bit \c pos: \c 0 or \c 1.
400  *
401  * \return \c 0 if successful.
402  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
403  * \return Another negative error code on other kinds of failure.
404  */
405 int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val);
406 
407 /**
408  * \brief Return the number of bits of value \c 0 before the
409  * least significant bit of value \c 1.
410  *
411  * \note This is the same as the zero-based index of
412  * the least significant bit of value \c 1.
413  *
414  * \param X The MPI to query.
415  *
416  * \return The number of bits of value \c 0 before the least significant
417  * bit of value \c 1 in \p X.
418  */
419 size_t mbedtls_mpi_lsb(const mbedtls_mpi *X);
420 
421 /**
422  * \brief Return the number of bits up to and including the most
423  * significant bit of value \c 1.
424  *
425  * * \note This is same as the one-based index of the most
426  * significant bit of value \c 1.
427  *
428  * \param X The MPI to query. This must point to an initialized MPI.
429  *
430  * \return The number of bits up to and including the most
431  * significant bit of value \c 1.
432  */
434 
435 /**
436  * \brief Return the total size of an MPI value in bytes.
437  *
438  * \param X The MPI to use. This must point to an initialized MPI.
439  *
440  * \note The value returned by this function may be less than
441  * the number of bytes used to store \p X internally.
442  * This happens if and only if there are trailing bytes
443  * of value zero.
444  *
445  * \return The least number of bytes capable of storing
446  * the absolute value of \p X.
447  */
448 size_t mbedtls_mpi_size(const mbedtls_mpi *X);
449 
450 /**
451  * \brief Import an MPI from an ASCII string.
452  *
453  * \param X The destination MPI. This must point to an initialized MPI.
454  * \param radix The numeric base of the input string.
455  * \param s Null-terminated string buffer.
456  *
457  * \return \c 0 if successful.
458  * \return A negative error code on failure.
459  */
460 int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s);
461 
462 /**
463  * \brief Export an MPI to an ASCII string.
464  *
465  * \param X The source MPI. This must point to an initialized MPI.
466  * \param radix The numeric base of the output string.
467  * \param buf The buffer to write the string to. This must be writable
468  * buffer of length \p buflen Bytes.
469  * \param buflen The available size in Bytes of \p buf.
470  * \param olen The address at which to store the length of the string
471  * written, including the final \c NULL byte. This must
472  * not be \c NULL.
473  *
474  * \note You can call this function with `buflen == 0` to obtain the
475  * minimum required buffer size in `*olen`.
476  *
477  * \return \c 0 if successful.
478  * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the target buffer \p buf
479  * is too small to hold the value of \p X in the desired base.
480  * In this case, `*olen` is nonetheless updated to contain the
481  * size of \p buf required for a successful call.
482  * \return Another negative error code on different kinds of failure.
483  */
484 int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix,
485  char *buf, size_t buflen, size_t *olen);
486 
487 #if defined(MBEDTLS_FS_IO)
488 /**
489  * \brief Read an MPI from a line in an opened file.
490  *
491  * \param X The destination MPI. This must point to an initialized MPI.
492  * \param radix The numeric base of the string representation used
493  * in the source line.
494  * \param fin The input file handle to use. This must not be \c NULL.
495  *
496  * \note On success, this function advances the file stream
497  * to the end of the current line or to EOF.
498  *
499  * The function returns \c 0 on an empty line.
500  *
501  * Leading whitespaces are ignored, as is a
502  * '0x' prefix for radix \c 16.
503  *
504  * \return \c 0 if successful.
505  * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if the file read buffer
506  * is too small.
507  * \return Another negative error code on failure.
508  */
509 int mbedtls_mpi_read_file(mbedtls_mpi *X, int radix, FILE *fin);
510 
511 /**
512  * \brief Export an MPI into an opened file.
513  *
514  * \param p A string prefix to emit prior to the MPI data.
515  * For example, this might be a label, or "0x" when
516  * printing in base \c 16. This may be \c NULL if no prefix
517  * is needed.
518  * \param X The source MPI. This must point to an initialized MPI.
519  * \param radix The numeric base to be used in the emitted string.
520  * \param fout The output file handle. This may be \c NULL, in which case
521  * the output is written to \c stdout.
522  *
523  * \return \c 0 if successful.
524  * \return A negative error code on failure.
525  */
526 int mbedtls_mpi_write_file(const char *p, const mbedtls_mpi *X,
527  int radix, FILE *fout);
528 #endif /* MBEDTLS_FS_IO */
529 
530 /**
531  * \brief Import an MPI from unsigned big endian binary data.
532  *
533  * \param X The destination MPI. This must point to an initialized MPI.
534  * \param buf The input buffer. This must be a readable buffer of length
535  * \p buflen Bytes.
536  * \param buflen The length of the input buffer \p p in Bytes.
537  *
538  * \return \c 0 if successful.
539  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
540  * \return Another negative error code on different kinds of failure.
541  */
542 int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf,
543  size_t buflen);
544 
545 /**
546  * \brief Import X from unsigned binary data, little endian
547  *
548  * \param X The destination MPI. This must point to an initialized MPI.
549  * \param buf The input buffer. This must be a readable buffer of length
550  * \p buflen Bytes.
551  * \param buflen The length of the input buffer \p p in Bytes.
552  *
553  * \return \c 0 if successful.
554  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
555  * \return Another negative error code on different kinds of failure.
556  */
558  const unsigned char *buf, size_t buflen);
559 
560 /**
561  * \brief Export X into unsigned binary data, big endian.
562  * Always fills the whole buffer, which will start with zeros
563  * if the number is smaller.
564  *
565  * \param X The source MPI. This must point to an initialized MPI.
566  * \param buf The output buffer. This must be a writable buffer of length
567  * \p buflen Bytes.
568  * \param buflen The size of the output buffer \p buf in Bytes.
569  *
570  * \return \c 0 if successful.
571  * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't
572  * large enough to hold the value of \p X.
573  * \return Another negative error code on different kinds of failure.
574  */
575 int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf,
576  size_t buflen);
577 
578 /**
579  * \brief Export X into unsigned binary data, little endian.
580  * Always fills the whole buffer, which will end with zeros
581  * if the number is smaller.
582  *
583  * \param X The source MPI. This must point to an initialized MPI.
584  * \param buf The output buffer. This must be a writable buffer of length
585  * \p buflen Bytes.
586  * \param buflen The size of the output buffer \p buf in Bytes.
587  *
588  * \return \c 0 if successful.
589  * \return #MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if \p buf isn't
590  * large enough to hold the value of \p X.
591  * \return Another negative error code on different kinds of failure.
592  */
594  unsigned char *buf, size_t buflen);
595 
596 /**
597  * \brief Perform a left-shift on an MPI: X <<= count
598  *
599  * \param X The MPI to shift. This must point to an initialized MPI.
600  * \param count The number of bits to shift by.
601  *
602  * \return \c 0 if successful.
603  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
604  * \return Another negative error code on different kinds of failure.
605  */
606 int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count);
607 
608 /**
609  * \brief Perform a right-shift on an MPI: X >>= count
610  *
611  * \param X The MPI to shift. This must point to an initialized MPI.
612  * \param count The number of bits to shift by.
613  *
614  * \return \c 0 if successful.
615  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
616  * \return Another negative error code on different kinds of failure.
617  */
618 int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count);
619 
620 /**
621  * \brief Compare the absolute values of two MPIs.
622  *
623  * \param X The left-hand MPI. This must point to an initialized MPI.
624  * \param Y The right-hand MPI. This must point to an initialized MPI.
625  *
626  * \return \c 1 if `|X|` is greater than `|Y|`.
627  * \return \c -1 if `|X|` is lesser than `|Y|`.
628  * \return \c 0 if `|X|` is equal to `|Y|`.
629  */
631 
632 /**
633  * \brief Compare two MPIs.
634  *
635  * \param X The left-hand MPI. This must point to an initialized MPI.
636  * \param Y The right-hand MPI. This must point to an initialized MPI.
637  *
638  * \return \c 1 if \p X is greater than \p Y.
639  * \return \c -1 if \p X is lesser than \p Y.
640  * \return \c 0 if \p X is equal to \p Y.
641  */
643 
644 /**
645  * \brief Check if an MPI is less than the other in constant time.
646  *
647  * \param X The left-hand MPI. This must point to an initialized MPI
648  * with the same allocated length as Y.
649  * \param Y The right-hand MPI. This must point to an initialized MPI
650  * with the same allocated length as X.
651  * \param ret The result of the comparison:
652  * \c 1 if \p X is less than \p Y.
653  * \c 0 if \p X is greater than or equal to \p Y.
654  *
655  * \return 0 on success.
656  * \return MBEDTLS_ERR_MPI_BAD_INPUT_DATA if the allocated length of
657  * the two input MPIs is not the same.
658  */
660  unsigned *ret);
661 
662 /**
663  * \brief Compare an MPI with an integer.
664  *
665  * \param X The left-hand MPI. This must point to an initialized MPI.
666  * \param z The integer value to compare \p X to.
667  *
668  * \return \c 1 if \p X is greater than \p z.
669  * \return \c -1 if \p X is lesser than \p z.
670  * \return \c 0 if \p X is equal to \p z.
671  */
673 
674 /**
675  * \brief Perform an unsigned addition of MPIs: X = |A| + |B|
676  *
677  * \param X The destination MPI. This must point to an initialized MPI.
678  * \param A The first summand. This must point to an initialized MPI.
679  * \param B The second summand. This must point to an initialized MPI.
680  *
681  * \return \c 0 if successful.
682  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
683  * \return Another negative error code on different kinds of failure.
684  */
686  const mbedtls_mpi *B);
687 
688 /**
689  * \brief Perform an unsigned subtraction of MPIs: X = |A| - |B|
690  *
691  * \param X The destination MPI. This must point to an initialized MPI.
692  * \param A The minuend. This must point to an initialized MPI.
693  * \param B The subtrahend. This must point to an initialized MPI.
694  *
695  * \return \c 0 if successful.
696  * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is greater than \p A.
697  * \return Another negative error code on different kinds of failure.
698  *
699  */
701  const mbedtls_mpi *B);
702 
703 /**
704  * \brief Perform a signed addition of MPIs: X = A + B
705  *
706  * \param X The destination MPI. This must point to an initialized MPI.
707  * \param A The first summand. This must point to an initialized MPI.
708  * \param B The second summand. This must point to an initialized MPI.
709  *
710  * \return \c 0 if successful.
711  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
712  * \return Another negative error code on different kinds of failure.
713  */
715  const mbedtls_mpi *B);
716 
717 /**
718  * \brief Perform a signed subtraction of MPIs: X = A - B
719  *
720  * \param X The destination MPI. This must point to an initialized MPI.
721  * \param A The minuend. This must point to an initialized MPI.
722  * \param B The subtrahend. This must point to an initialized MPI.
723  *
724  * \return \c 0 if successful.
725  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
726  * \return Another negative error code on different kinds of failure.
727  */
729  const mbedtls_mpi *B);
730 
731 /**
732  * \brief Perform a signed addition of an MPI and an integer: X = A + b
733  *
734  * \param X The destination MPI. This must point to an initialized MPI.
735  * \param A The first summand. This must point to an initialized MPI.
736  * \param b The second summand.
737  *
738  * \return \c 0 if successful.
739  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
740  * \return Another negative error code on different kinds of failure.
741  */
744 
745 /**
746  * \brief Perform a signed subtraction of an MPI and an integer:
747  * X = A - b
748  *
749  * \param X The destination MPI. This must point to an initialized MPI.
750  * \param A The minuend. This must point to an initialized MPI.
751  * \param b The subtrahend.
752  *
753  * \return \c 0 if successful.
754  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
755  * \return Another negative error code on different kinds of failure.
756  */
759 
760 /**
761  * \brief Perform a multiplication of two MPIs: X = A * B
762  *
763  * \param X The destination MPI. This must point to an initialized MPI.
764  * \param A The first factor. This must point to an initialized MPI.
765  * \param B The second factor. This must point to an initialized MPI.
766  *
767  * \return \c 0 if successful.
768  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
769  * \return Another negative error code on different kinds of failure.
770  *
771  */
773  const mbedtls_mpi *B);
774 
775 /**
776  * \brief Perform a multiplication of an MPI with an unsigned integer:
777  * X = A * b
778  *
779  * \param X The destination MPI. This must point to an initialized MPI.
780  * \param A The first factor. This must point to an initialized MPI.
781  * \param b The second factor.
782  *
783  * \return \c 0 if successful.
784  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
785  * \return Another negative error code on different kinds of failure.
786  *
787  */
790 
791 /**
792  * \brief Perform a division with remainder of two MPIs:
793  * A = Q * B + R
794  *
795  * \param Q The destination MPI for the quotient.
796  * This may be \c NULL if the value of the
797  * quotient is not needed. This must not alias A or B.
798  * \param R The destination MPI for the remainder value.
799  * This may be \c NULL if the value of the
800  * remainder is not needed. This must not alias A or B.
801  * \param A The dividend. This must point to an initialized MPI.
802  * \param B The divisor. This must point to an initialized MPI.
803  *
804  * \return \c 0 if successful.
805  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
806  * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
807  * \return Another negative error code on different kinds of failure.
808  */
810  const mbedtls_mpi *B);
811 
812 /**
813  * \brief Perform a division with remainder of an MPI by an integer:
814  * A = Q * b + R
815  *
816  * \param Q The destination MPI for the quotient.
817  * This may be \c NULL if the value of the
818  * quotient is not needed. This must not alias A.
819  * \param R The destination MPI for the remainder value.
820  * This may be \c NULL if the value of the
821  * remainder is not needed. This must not alias A.
822  * \param A The dividend. This must point to an initialized MPi.
823  * \param b The divisor.
824  *
825  * \return \c 0 if successful.
826  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed.
827  * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
828  * \return Another negative error code on different kinds of failure.
829  */
832 
833 /**
834  * \brief Perform a modular reduction. R = A mod B
835  *
836  * \param R The destination MPI for the residue value.
837  * This must point to an initialized MPI.
838  * \param A The MPI to compute the residue of.
839  * This must point to an initialized MPI.
840  * \param B The base of the modular reduction.
841  * This must point to an initialized MPI.
842  *
843  * \return \c 0 if successful.
844  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
845  * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p B equals zero.
846  * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p B is negative.
847  * \return Another negative error code on different kinds of failure.
848  *
849  */
851  const mbedtls_mpi *B);
852 
853 /**
854  * \brief Perform a modular reduction with respect to an integer.
855  * r = A mod b
856  *
857  * \param r The address at which to store the residue.
858  * This must not be \c NULL.
859  * \param A The MPI to compute the residue of.
860  * This must point to an initialized MPi.
861  * \param b The integer base of the modular reduction.
862  *
863  * \return \c 0 if successful.
864  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
865  * \return #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p b equals zero.
866  * \return #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p b is negative.
867  * \return Another negative error code on different kinds of failure.
868  */
871 
872 /**
873  * \brief Perform a sliding-window exponentiation: X = A^E mod N
874  *
875  * \param X The destination MPI. This must point to an initialized MPI.
876  * This must not alias E or N.
877  * \param A The base of the exponentiation.
878  * This must point to an initialized MPI.
879  * \param E The exponent MPI. This must point to an initialized MPI.
880  * \param N The base for the modular reduction. This must point to an
881  * initialized MPI.
882  * \param prec_RR A helper MPI depending solely on \p N which can be used to
883  * speed-up multiple modular exponentiations for the same value
884  * of \p N. This may be \c NULL. If it is not \c NULL, it must
885  * point to an initialized MPI. If it hasn't been used after
886  * the call to mbedtls_mpi_init(), this function will compute
887  * the helper value and store it in \p prec_RR for reuse on
888  * subsequent calls to this function. Otherwise, the function
889  * will assume that \p prec_RR holds the helper value set by a
890  * previous call to mbedtls_mpi_exp_mod(), and reuse it.
891  *
892  * \return \c 0 if successful.
893  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
894  * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \c N is negative or
895  * even, or if \c E is negative.
896  * \return Another negative error code on different kinds of failures.
897  *
898  */
900  const mbedtls_mpi *E, const mbedtls_mpi *N,
901  mbedtls_mpi *prec_RR);
902 
903 /**
904  * \brief Fill an MPI with a number of random bytes.
905  *
906  * \param X The destination MPI. This must point to an initialized MPI.
907  * \param size The number of random bytes to generate.
908  * \param f_rng The RNG function to use. This must not be \c NULL.
909  * \param p_rng The RNG parameter to be passed to \p f_rng. This may be
910  * \c NULL if \p f_rng doesn't need a context argument.
911  *
912  * \return \c 0 if successful.
913  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
914  * \return Another negative error code on failure.
915  *
916  * \note The bytes obtained from the RNG are interpreted
917  * as a big-endian representation of an MPI; this can
918  * be relevant in applications like deterministic ECDSA.
919  */
921  int (*f_rng)(void *, unsigned char *, size_t),
922  void *p_rng);
923 
924 /** Generate a random number uniformly in a range.
925  *
926  * This function generates a random number between \p min inclusive and
927  * \p N exclusive.
928  *
929  * The procedure complies with RFC 6979 ยง3.3 (deterministic ECDSA)
930  * when the RNG is a suitably parametrized instance of HMAC_DRBG
931  * and \p min is \c 1.
932  *
933  * \note There are `N - min` possible outputs. The lower bound
934  * \p min can be reached, but the upper bound \p N cannot.
935  *
936  * \param X The destination MPI. This must point to an initialized MPI.
937  * \param min The minimum value to return.
938  * It must be nonnegative.
939  * \param N The upper bound of the range, exclusive.
940  * In other words, this is one plus the maximum value to return.
941  * \p N must be strictly larger than \p min.
942  * \param f_rng The RNG function to use. This must not be \c NULL.
943  * \param p_rng The RNG parameter to be passed to \p f_rng.
944  *
945  * \return \c 0 if successful.
946  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
947  * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p min or \p N is invalid
948  * or if they are incompatible.
949  * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if the implementation was
950  * unable to find a suitable value within a limited number
951  * of attempts. This has a negligible probability if \p N
952  * is significantly larger than \p min, which is the case
953  * for all usual cryptographic applications.
954  * \return Another negative error code on failure.
955  */
958  const mbedtls_mpi *N,
959  int (*f_rng)(void *, unsigned char *, size_t),
960  void *p_rng);
961 
962 /**
963  * \brief Compute the greatest common divisor: G = gcd(A, B)
964  *
965  * \param G The destination MPI. This must point to an initialized MPI.
966  * \param A The first operand. This must point to an initialized MPI.
967  * \param B The second operand. This must point to an initialized MPI.
968  *
969  * \return \c 0 if successful.
970  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
971  * \return Another negative error code on different kinds of failure.
972  */
974  const mbedtls_mpi *B);
975 
976 /**
977  * \brief Compute the modular inverse: X = A^-1 mod N
978  *
979  * \param X The destination MPI. This must point to an initialized MPI.
980  * \param A The MPI to calculate the modular inverse of. This must point
981  * to an initialized MPI.
982  * \param N The base of the modular inversion. This must point to an
983  * initialized MPI.
984  *
985  * \return \c 0 if successful.
986  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
987  * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \p N is less than
988  * or equal to one.
989  * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p has no modular inverse
990  * with respect to \p N.
991  */
993  const mbedtls_mpi *N);
994 
995 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
996 #if defined(MBEDTLS_DEPRECATED_WARNING)
997 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
998 #else
999 #define MBEDTLS_DEPRECATED
1000 #endif
1001 /**
1002  * \brief Perform a Miller-Rabin primality test with error
1003  * probability of 2<sup>-80</sup>.
1004  *
1005  * \deprecated Superseded by mbedtls_mpi_is_prime_ext() which allows
1006  * specifying the number of Miller-Rabin rounds.
1007  *
1008  * \param X The MPI to check for primality.
1009  * This must point to an initialized MPI.
1010  * \param f_rng The RNG function to use. This must not be \c NULL.
1011  * \param p_rng The RNG parameter to be passed to \p f_rng.
1012  * This may be \c NULL if \p f_rng doesn't use a
1013  * context parameter.
1014  *
1015  * \return \c 0 if successful, i.e. \p X is probably prime.
1016  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
1017  * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
1018  * \return Another negative error code on other kinds of failure.
1019  */
1021  int (*f_rng)(void *, unsigned char *, size_t),
1022  void *p_rng);
1023 #undef MBEDTLS_DEPRECATED
1024 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
1025 
1026 /**
1027  * \brief Miller-Rabin primality test.
1028  *
1029  * \warning If \p X is potentially generated by an adversary, for example
1030  * when validating cryptographic parameters that you didn't
1031  * generate yourself and that are supposed to be prime, then
1032  * \p rounds should be at least the half of the security
1033  * strength of the cryptographic algorithm. On the other hand,
1034  * if \p X is chosen uniformly or non-adversarially (as is the
1035  * case when mbedtls_mpi_gen_prime calls this function), then
1036  * \p rounds can be much lower.
1037  *
1038  * \param X The MPI to check for primality.
1039  * This must point to an initialized MPI.
1040  * \param rounds The number of bases to perform the Miller-Rabin primality
1041  * test for. The probability of returning 0 on a composite is
1042  * at most 2<sup>-2*\p rounds</sup>.
1043  * \param f_rng The RNG function to use. This must not be \c NULL.
1044  * \param p_rng The RNG parameter to be passed to \p f_rng.
1045  * This may be \c NULL if \p f_rng doesn't use
1046  * a context parameter.
1047  *
1048  * \return \c 0 if successful, i.e. \p X is probably prime.
1049  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
1050  * \return #MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if \p X is not prime.
1051  * \return Another negative error code on other kinds of failure.
1052  */
1053 int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds,
1054  int (*f_rng)(void *, unsigned char *, size_t),
1055  void *p_rng);
1056 /**
1057  * \brief Flags for mbedtls_mpi_gen_prime()
1058  *
1059  * Each of these flags is a constraint on the result X returned by
1060  * mbedtls_mpi_gen_prime().
1061  */
1062 typedef enum {
1063  MBEDTLS_MPI_GEN_PRIME_FLAG_DH = 0x0001, /**< (X-1)/2 is prime too */
1064  MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR = 0x0002, /**< lower error rate from 2<sup>-80</sup> to 2<sup>-128</sup> */
1066 
1067 /**
1068  * \brief Generate a prime number.
1069  *
1070  * \param X The destination MPI to store the generated prime in.
1071  * This must point to an initialized MPi.
1072  * \param nbits The required size of the destination MPI in bits.
1073  * This must be between \c 3 and #MBEDTLS_MPI_MAX_BITS.
1074  * \param flags A mask of flags of type #mbedtls_mpi_gen_prime_flag_t.
1075  * \param f_rng The RNG function to use. This must not be \c NULL.
1076  * \param p_rng The RNG parameter to be passed to \p f_rng.
1077  * This may be \c NULL if \p f_rng doesn't use
1078  * a context parameter.
1079  *
1080  * \return \c 0 if successful, in which case \p X holds a
1081  * probably prime number.
1082  * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
1083  * \return #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if `nbits` is not between
1084  * \c 3 and #MBEDTLS_MPI_MAX_BITS.
1085  */
1086 int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags,
1087  int (*f_rng)(void *, unsigned char *, size_t),
1088  void *p_rng);
1089 
1090 #if defined(MBEDTLS_SELF_TEST)
1091 
1092 /**
1093  * \brief Checkup routine
1094  *
1095  * \return 0 if successful, or 1 if the test failed
1096  */
1097 int mbedtls_mpi_self_test(int verbose);
1098 
1099 #endif /* MBEDTLS_SELF_TEST */
1100 
1101 #ifdef __cplusplus
1102 }
1103 #endif
1104 
1105 #endif /* bignum.h */
int mbedtls_mpi_read_string(mbedtls_mpi *X, int radix, const char *s)
Import an MPI from an ASCII string.
int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a signed subtraction of MPIs: X = A - B.
int mbedtls_mpi_sub_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b)
Perform a signed subtraction of an MPI and an integer: X = A - b.
int mbedtls_mpi_add_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b)
Perform a signed addition of an MPI and an integer: X = A + b.
int mbedtls_mpi_safe_cond_swap(mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char swap)
Perform a safe conditional swap which doesn't reveal whether the condition was true or not.
int mbedtls_mpi_read_binary_le(mbedtls_mpi *X, const unsigned char *buf, size_t buflen)
Import X from unsigned binary data, little endian.
int mbedtls_mpi_grow(mbedtls_mpi *X, size_t nblimbs)
Enlarge an MPI to the specified number of limbs.
int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *prec_RR)
Perform a sliding-window exponentiation: X = A^E mod N.
int mbedtls_mpi_is_prime_ext(const mbedtls_mpi *X, int rounds, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Miller-Rabin primality test.
int32_t mbedtls_mpi_sint
The signed type corresponding to mbedtls_mpi_uint.
Definition: bignum.h:179
int mbedtls_mpi_copy(mbedtls_mpi *X, const mbedtls_mpi *Y)
Make a copy of an MPI.
int mbedtls_mpi_set_bit(mbedtls_mpi *X, size_t pos, unsigned char val)
Modify a specific bit in an MPI.
int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b)
Perform a modular reduction with respect to an integer.
mbedtls_mpi_gen_prime_flag_t
Flags for mbedtls_mpi_gen_prime()
Definition: bignum.h:1062
@ MBEDTLS_MPI_GEN_PRIME_FLAG_DH
(X-1)/2 is prime too
Definition: bignum.h:1063
@ MBEDTLS_MPI_GEN_PRIME_FLAG_LOW_ERR
lower error rate from 2-80 to 2-128
Definition: bignum.h:1064
size_t mbedtls_mpi_size(const mbedtls_mpi *X)
Return the total size of an MPI value in bytes.
int mbedtls_mpi_write_binary_le(const mbedtls_mpi *X, unsigned char *buf, size_t buflen)
Export X into unsigned binary data, little endian.
int mbedtls_mpi_add_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform an unsigned addition of MPIs: X = |A| + |B|.
int mbedtls_mpi_is_prime(const mbedtls_mpi *X, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Perform a Miller-Rabin primality test with error probability of 2-80.
int mbedtls_mpi_div_mpi(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a division with remainder of two MPIs: A = Q * B + R.
int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a signed addition of MPIs: X = A + B.
void mbedtls_mpi_swap(mbedtls_mpi *X, mbedtls_mpi *Y)
Swap the contents of two MPIs.
int mbedtls_mpi_safe_cond_assign(mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign)
Perform a safe conditional copy of MPI which doesn't reveal whether the condition was true or not.
int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z)
Store integer value in MPI.
size_t mbedtls_mpi_bitlen(const mbedtls_mpi *X)
Return the number of bits up to and including the most significant bit of value 1.
int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buflen)
Import an MPI from unsigned big endian binary data.
int mbedtls_mpi_cmp_mpi(const mbedtls_mpi *X, const mbedtls_mpi *Y)
Compare two MPIs.
int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a modular reduction.
int mbedtls_mpi_div_int(mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b)
Perform a division with remainder of an MPI by an integer: A = Q * b + R.
int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Fill an MPI with a number of random bytes.
int mbedtls_mpi_cmp_abs(const mbedtls_mpi *X, const mbedtls_mpi *Y)
Compare the absolute values of two MPIs.
int mbedtls_mpi_gen_prime(mbedtls_mpi *X, size_t nbits, int flags, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate a prime number.
int mbedtls_mpi_shift_l(mbedtls_mpi *X, size_t count)
Perform a left-shift on an MPI: X <<= count.
void mbedtls_mpi_init(mbedtls_mpi *X)
Initialize an MPI context.
size_t mbedtls_mpi_lsb(const mbedtls_mpi *X)
Return the number of bits of value 0 before the least significant bit of value 1.
int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a multiplication of two MPIs: X = A * B.
#define MBEDTLS_DEPRECATED
Definition: bignum.h:999
uint32_t mbedtls_mpi_uint
The type of machine digits in a bignum, called _limbs_.
Definition: bignum.h:180
int mbedtls_mpi_write_string(const mbedtls_mpi *X, int radix, char *buf, size_t buflen, size_t *olen)
Export an MPI to an ASCII string.
int mbedtls_mpi_shrink(mbedtls_mpi *X, size_t nblimbs)
This function resizes an MPI downwards, keeping at least the specified number of limbs.
int mbedtls_mpi_inv_mod(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N)
Compute the modular inverse: X = A^-1 mod N.
int mbedtls_mpi_get_bit(const mbedtls_mpi *X, size_t pos)
Get a specific bit from an MPI.
void mbedtls_mpi_free(mbedtls_mpi *X)
This function frees the components of an MPI context.
int mbedtls_mpi_mul_int(mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b)
Perform a multiplication of an MPI with an unsigned integer: X = A * b.
int mbedtls_mpi_lt_mpi_ct(const mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned *ret)
Check if an MPI is less than the other in constant time.
int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf, size_t buflen)
Export X into unsigned binary data, big endian.
int mbedtls_mpi_cmp_int(const mbedtls_mpi *X, mbedtls_mpi_sint z)
Compare an MPI with an integer.
int mbedtls_mpi_sub_abs(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform an unsigned subtraction of MPIs: X = |A| - |B|.
int mbedtls_mpi_random(mbedtls_mpi *X, mbedtls_mpi_sint min, const mbedtls_mpi *N, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate a random number uniformly in a range.
int mbedtls_mpi_shift_r(mbedtls_mpi *X, size_t count)
Perform a right-shift on an MPI: X >>= count.
int mbedtls_mpi_gcd(mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B)
Compute the greatest common divisor: G = gcd(A, B)
struct mbedtls_mpi mbedtls_mpi
MPI structure.
uint64_t mbedtls_t_udbl
Definition: bignum.h:182
static uch flags
#define G(x, y, z)
Definition: md4.c:179
#define A(i)
Definition: ecp_curves.c:948
void swap(NCBI_NS_NCBI::pair_base_member< T1, T2 > &pair1, NCBI_NS_NCBI::pair_base_member< T1, T2 > &pair2)
Definition: ncbimisc.hpp:1508
char * buf
mdb_mode_t mode
Definition: lmdb++.h:38
const struct ncbi::grid::netcache::search::fields::SIZE size
#define mbedtls_mpi_write_file
#define mbedtls_mpi_read_file
const double E
T min(T x_, T y_)
double r(size_t dimension_, const Int4 *score_, const double *prob_, double theta_)
true_type verbose
Definition: processing.cpp:890
Configuration options (set of defines)
signed __int64 int64_t
Definition: stdint.h:135
unsigned int uint32_t
Definition: stdint.h:126
signed int int32_t
Definition: stdint.h:123
unsigned __int64 uint64_t
Definition: stdint.h:136
MPI structure.
Definition: bignum.h:208
size_t n
Total number of limbs in p.
Definition: bignum.h:223
int s
Sign: -1 if the mpi is negative, 1 otherwise.
Definition: bignum.h:220
mbedtls_mpi_uint * p
Pointer to limbs.
Definition: bignum.h:229
#define N
Definition: crc32.c:57
Modified on Mon Mar 04 05:14:28 2024 by modify_doxy.py rev. 669887