Set up a residue structure. The residue will be set up with the buffer \p p and modulus \p N. The memory pointed to by \p p will be used by the resulting residue structure. The value at the pointed-to memory will be the initial value of \p r and must hold a value that is less than the modulus. This value will be used as-is and interpreted according to the value of the `N->int_rep` field. The modulus \p N will be the modulus associated with \p r. The residue \p r should only be used in operations where the modulus is \p N.
Initialize a modulus structure.
Set up a modulus structure.
Set up an optimised-reduction compatible modulus structure.
Multiply two residues, returning the residue modulo the specified modulus. The size of the operation is determined by \p N. \p A, \p B and \p X must all be associated with the modulus \p N and must all have the same number of limbs as \p N. \p X may be aliased to \p A or \p B, or even both, but may not overlap either otherwise. None of them may alias \p N (since they must be in canonical form, they cannot be equal to \p N).
Perform a fixed-size modular subtraction. Calculate `A - B modulo N`. \p A, \p B and \p X must all have the same number of limbs as \p N. \p X may be aliased to \p A or \p B, or even both, but may not overlap either otherwise.
Perform modular inversion of an MPI with respect to a modulus \p N. \p A and \p X must be associated with the modulus \p N and will therefore have the same number of limbs as \p N. \p X may be aliased to \p A. \warning Currently only supports prime moduli, but does not check for them.
Perform a fixed-size modular addition. Calculate `A + B modulo N`. \p A, \p B and \p X must all be associated with the modulus \p N and must all have the same number of limbs as \p N. \p X may be aliased to \p A or \p B, or even both, but may not overlap either otherwise.
Generate a random number uniformly in a range. This function generates a random number between \p min inclusive and \p N exclusive. The procedure complies with RFC 6979 §3.3 (deterministic ECDSA) when the RNG is a suitably parametrized instance of HMAC_DRBG and \p min is \c 1.
Read a residue from a byte buffer. The residue will be automatically converted to the internal representation based on the value of the `N->int_rep` field. The modulus \p N will be the modulus associated with \p r. The residue \p r should only be used in operations where the modulus is \p N or a modulus equivalent to \p N (in the sense that all their fields, or the memory pointed to by their fields, hold the same value).
Write a residue into a byte buffer. The modulus \p N must be the modulus associated with \p r (see mbedtls_mpi_mod_residue_setup() and mbedtls_mpi_mod_read()). The residue will be automatically converted from the internal representation based on the value of the `N->int_rep` field. \warning If the buffer is smaller than `N->bits`, the number of leading zeroes is leaked through timing. If \p r is secret, the caller must ensure that \p buflen is at least (`N->bits`+7)/8.
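The fixed-size modular addition described above, as an added example in standalone C (not the library's own code). `example_mod_add` and `limb_t` are hypothetical names; limbs are assumed to be 64-bit and stored least significant first, and \p A and \p B are assumed canonical (less than \p N). It shows why exact aliasing of \p X with \p A or \p B is safe and how the final reduction is done with a mask rather than a branch on the operands.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t limb_t;   /* assumed limb type; least significant limb first */

/* X = (A + B) mod N for canonical A, B (both < N), all `limbs` limbs long.
 * X may be the same array as A, B or both: each limb of A and B is read
 * before X[i] is written, which is why only exact aliasing is allowed. */
void example_mod_add(limb_t *X, const limb_t *A, const limb_t *B,
                     const limb_t *N, size_t limbs)
{
    limb_t carry = 0, borrow = 0, c = 0;

    for (size_t i = 0; i < limbs; i++) {          /* X = A + B */
        limb_t a = A[i], b = B[i];
        limb_t s = a + carry, t = s + b;
        carry = (limb_t) (s < carry) | (limb_t) (t < b);
        X[i] = t;
    }
    for (size_t i = 0; i < limbs; i++) {          /* X = X - N */
        limb_t n = N[i];
        limb_t d = X[i] - borrow, r = d - n;
        borrow = (limb_t) (X[i] < borrow) | (limb_t) (d < n);
        X[i] = r;
    }
    /* The subtraction was one too many only when it borrowed without a carry
     * out of the addition. Add N back under a mask instead of branching. */
    limb_t mask = (limb_t) 0 - (carry ^ borrow);
    for (size_t i = 0; i < limbs; i++) {
        limb_t n = N[i] & mask;
        limb_t s = X[i] + c, t = s + n;
        c = (limb_t) (s < c) | (limb_t) (t < n);
        X[i] = t;
    }
}

int main(void)
{
    /* Constructed sample: N = 2^128 - 159, A = N - 1; X aliases A and B. */
    limb_t N[2] = { 0xFFFFFFFFFFFFFF61ULL, 0xFFFFFFFFFFFFFFFFULL };
    limb_t A[2] = { 0xFFFFFFFFFFFFFF60ULL, 0xFFFFFFFFFFFFFFFFULL };
    example_mod_add(A, A, A, N, 2);               /* 2(N-1) mod N = N - 2 */
    printf("%016llx%016llx\n", (unsigned long long) A[1], (unsigned long long) A[0]);
    return 0;
}
```

No branch or memory index in this source depends on limb values; whether the compiled code stays branch-free depends on the compiler and target.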