mbedtls_mpi_mod_random() function

The destination residue.

The minimum value to return. It must be strictly smaller than \b N.

The modulus. This is the upper bound of the output range, exclusive.

The RNG function to use. This must not be \c NULL.

The RNG parameter to be passed to \p f_rng.

Setup a residue structure. The residue will be set up with the buffer \p p and modulus \p N. The memory pointed to by \p p will be used by the resulting residue structure. The value at the pointed-to memory will be the initial value of \p r and must hold a value that is less than the modulus. This value will be used as-is and interpreted according to the value of the `N->int_rep` field. The modulus \p N will be the modulus associated with \p r. The residue \p r should only be used in operations where the modulus is \p N.

Unbind elements of a residue structure. This function removes the reference to the limb array that was passed to mbedtls_mpi_mod_residue_setup() to make it safe to free or use again. This function invalidates \p r and it must not be used until after mbedtls_mpi_mod_residue_setup() is called on it again.

Multiply two residues, returning the residue modulo the specified modulus. The size of the operation is determined by \p N. \p A, \p B and \p X must all be associated with the modulus \p N and must all have the same number of limbs as \p N. \p X may be aliased to \p A or \p B, or even both, but may not overlap either otherwise. They may not alias \p N (since they must be in canonical form, they cannot == \p N).

Perform a fixed-size modular subtraction. Calculate `A - B modulo N`. \p A, \p B and \p X must all have the same number of limbs as \p N. \p X may be aliased to \p A or \p B, or even both, but may not overlap either otherwise.

Perform modular inversion of an MPI with respect to a modulus \p N. \p A and \p X must be associated with the modulus \p N and will therefore have the same number of limbs as \p N. \p X may be aliased to \p A. \warning Currently only supports prime moduli, but does not check for them.

Perform a fixed-size modular addition. Calculate `A + B modulo N`. \p A, \p B and \p X must all be associated with the modulus \p N and must all have the same number of limbs as \p N. \p X may be aliased to \p A or \p B, or even both, but may not overlap either otherwise.

Read a residue from a byte buffer. The residue will be automatically converted to the internal representation based on the value of the `N->int_rep` field. The modulus \p N will be the modulus associated with \p r. The residue \p r should only be used in operations where the modulus is \p N or a modulus equivalent to \p N (in the sense that all their fields or memory pointed by their fields hold the same value).

Write a residue into a byte buffer. The modulus \p N must be the modulus associated with \p r (see mbedtls_mpi_mod_residue_setup() and mbedtls_mpi_mod_read()). The residue will be automatically converted from the internal representation based on the value of `N->int_rep` field. \warning If the buffer is smaller than `N->bits`, the number of leading zeroes is leaked through timing. If \p r is secret, the caller must ensure that \p buflen is at least (`N->bits`+7)/8.