mbedtls_mpi struct

This function frees the components of an MPI context.

Initialize an MPI context. This makes the MPI ready to be set or freed, but does not define a value for the MPI.

Compare an MPI with an integer.

Make a copy of an MPI.

Compare two MPIs.

Store integer value in MPI.

Perform a multiplication of two MPIs: X = A * B

Import an MPI from unsigned big endian binary data.

Perform a modular reduction. R = A mod B

Export X into unsigned binary data, big endian. Always fills the whole buffer, which will start with zeros if the number is smaller.

Return the number of bits up to and including the most significant bit of value \c 1. * \note This is same as the one-based index of the most significant bit of value \c 1.

Enlarge an MPI to the specified number of limbs.

Perform a signed subtraction of MPIs: X = A - B

Return the total size of an MPI value in bytes.

Perform a signed subtraction of an MPI and an integer: X = A - b

Perform a right-shift on an MPI: X >>= count

Perform a signed addition of MPIs: X = A + B

Get a specific bit from an MPI.

Perform a modular exponentiation: X = A^E mod N

Import an MPI from an ASCII string.

Modify a specific bit in an MPI.

This function performs a scalar multiplication of a point by an integer: \p R = \p m * \p P. It is not thread-safe to use same group in multiple threads.

Perform a signed addition of an MPI and an integer: X = A + b

Compute the modular inverse: X = A^-1 mod N

Write an arbitrary-precision number (#MBEDTLS_ASN1_INTEGER) in ASN.1 format.

Fill an MPI with a number of random bytes.

Perform a left-shift on an MPI: X <<= count

This function imports a set of core parameters into an RSA context. Any sequence of calls to this function should be followed by a call to mbedtls_rsa_complete(), which checks and completes the provided information to a ready-for-use public or private RSA key.

Perform an unsigned subtraction of MPIs: X = |A| - |B|

This function exports the core parameters of an RSA key. If this function runs successfully, the non-NULL buffers pointed to by \p N, \p P, \p Q, \p D, and \p E are fully written, with additional unused space filled leading by zero Bytes. Possible reasons for returning #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED: An alternative RSA implementation is in use, which stores the key externally, and either cannot or should not export it into RAM. A SW or HW implementation might not support a certain deduction. For example, \p P, \p Q from \p N, \p D, and \p E if the former are not part of the implementation. If the function fails due to an unsupported operation, the RSA context stays intact and remains usable.

Retrieve an integer ASN.1 tag and its value. Updates the pointer to immediately behind the full tag.

Perform a division with remainder of two MPIs: A = Q * B + R

Compute the greatest common divisor: G = gcd(A, B)

Generate a random number uniformly in a range. This function generates a random number between \p min inclusive and \p N exclusive. The procedure complies with RFC 6979 §3.3 (deterministic ECDSA) when the RNG is a suitably parametrized instance of HMAC_DRBG and \p min is \c 1.

Return the number of bits of value \c 0 before the least significant bit of value \c 1.

This function performs multiplication and addition of two points by integers: \p R = \p m * \p P + \p n * \p Q It is not thread-safe to use same group in multiple threads.

Perform a multiplication of an MPI with an unsigned integer: X = A * b

Perform a safe conditional copy of MPI which doesn't reveal whether the condition was true or not. \warning If \p assign is neither 0 nor 1, the result of this function is indeterminate, and the resulting value in \p X might be neither its original value nor the value in \p Y.

Starts a montgomery multiplication calculation in hardware

This function generates an ECDH keypair on an elliptic curve. This function performs the first of two core computations implemented during the ECDH key exchange. The second core computation is performed by mbedtls_ecdh_compute_shared(). \see ecp.h

Perform an unsigned addition of MPIs: X = |A| + |B|

Perform a safe conditional swap which doesn't reveal whether the condition was true or not. \warning If \p swap is neither 0 nor 1, the result of this function is indeterminate, and both \p X and \p Y might end up with values different to either of the original ones.

This function performs multiplication of a point by an integer: \p R = \p m * \p P in a restartable way. \see mbedtls_ecp_mul()

This function generates a private key.

This function verifies the ECDSA signature of a previously-hashed message. \see ecp.h

This function computes the shared secret. This function performs the second of two core computations implemented during the ECDH key exchange. The first core computation is performed by mbedtls_ecdh_gen_public(). \see ecp.h

Miller-Rabin primality test. \warning If \p X is potentially generated by an adversary, for example when validating cryptographic parameters that you didn't generate yourself and that are supposed to be prime, then \p rounds should be at least the half of the security strength of the cryptographic algorithm. On the other hand, if \p X is chosen uniformly or non-adversarially (as is the case when mbedtls_mpi_gen_prime calls this function), then \p rounds can be much lower.

This function resizes an MPI downwards, keeping at least the specified number of limbs. If \c X is smaller than \c nblimbs, it is resized up instead.

Import X from unsigned binary data, little endian

Export X into unsigned binary data, little endian. Always fills the whole buffer, which will end with zeros if the number is smaller.

Perform a modular reduction with respect to an integer. r = A mod b

This function generates a keypair with a configurable base point.

This function exports CRT parameters of a private RSA key.

Export an MPI to an ASCII string.

Perform a division with remainder of an MPI by an integer: A = Q * b + R

This function computes the ECDSA signature of a previously-hashed message. \see ecp.h

This function computes the ECDSA signature of a previously-hashed message, deterministic version. For more information, see RFC-6979: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA). \see ecp.h

Generate a prime number.

Compare the absolute values of two MPIs.

This function generates an ECP keypair.

This function performs multiplication and addition of two points by integers: \p R = \p m * \p P + \p n * \p Q in a restartable way. \see \c mbedtls_ecp_muladd()

This function checks that an \c mbedtls_mpi is a valid private key for this curve.

This function computes the ECDSA signature of a previously-hashed message, in a restartable way. \see ecp.h

This function computes the ECDSA signature of a previously-hashed message, in a restartable way. \see ecp.h

This function verifies the ECDSA signature of a previously-hashed message, in a restartable manner \see ecp.h

Calculate the square of the Montgomery constant. (Needed for conversion and operations in Montgomery form.)

This function copies a parameter of a DHM key.

Generate RSA-CRT parameters

Check if an MPI is less than the other in constant time.

Swap the contents of two MPIs.

Perform a modular exponentiation: X = A^E mod N \warning This function is not constant time with respect to \p E (the exponent).

This function sets the prime modulus and generator.

Compute RSA prime moduli P, Q from public modulus N=PQ and a pair of private and public key.

Compute RSA private exponent from prime moduli and public key.

Check validity of core RSA parameters

Check validity of RSA CRT parameters

There is a need for the value of integer N' such that B^-1(B-1)-N^-1N'=1, where B^-1(B-1) mod N=1. Actually, only the least significant part of N' is needed, hence the definition N0'=N' mod b. We reproduce below the simple algorithm from an article by Dusse and Kaliski to efficiently find N0' from N0 and b

Starts a (X * Y) Mod M calculation in hardware. Rinv and M_prime needs to be precalculated in software.

Starts a (X * Y) calculation in hardware.

Special-case of (X * Y), where we use hardware montgomery mod multiplication to calculate result where either A or B are >2048 bits so can't use the standard multiplication method.

Read an MPI from a line in an opened file. The function returns \c 0 on an empty line. Leading whitespaces are ignored, as is a '0x' prefix for radix \c 16.

Export an MPI into an opened file.

This function exports generic key-pair parameters. Each of the output parameters can be a null pointer if you do not need that parameter.

Read out the result from the previous calculation.

Print a MPI variable to the debug output. This function is always used through the MBEDTLS_SSL_DEBUG_MPI() macro, which supplies the ssl context, file and line number parameters. \attention This function is intended for INTERNAL usage within the library only.