diff --git a/library/bignum_mod_raw.c b/library/bignum_mod_raw.c index 22e56b7e63..138d5a08bc 100644 --- a/library/bignum_mod_raw.c +++ b/library/bignum_mod_raw.c @@ -182,6 +182,18 @@ int mbedtls_mpi_mod_raw_from_mont_rep( mbedtls_mpi_uint *X, mbedtls_free( T ); return( 0 ); } + +void mbedtls_mpi_mod_raw_neg( mbedtls_mpi_uint *X, + const mbedtls_mpi_uint *A, + const mbedtls_mpi_mod_modulus *m ) +{ + mbedtls_mpi_core_sub( X, m->p, A, m->limbs ); + + /* If A=0 initially, then X=N now. Detect this by + * subtracting N and catching the carry. */ + mbedtls_mpi_uint borrow = mbedtls_mpi_core_sub( X, X, m->p, m->limbs ); + (void) mbedtls_mpi_core_add_if( X, m->p, m->limbs, (unsigned) borrow ); +} /* END MERGE SLOT 7 */ /* BEGIN MERGE SLOT 8 */ diff --git a/library/bignum_mod_raw.h b/library/bignum_mod_raw.h index d7b6dd115e..b512ae0d30 100644 --- a/library/bignum_mod_raw.h +++ b/library/bignum_mod_raw.h @@ -233,6 +233,24 @@ int mbedtls_mpi_mod_raw_to_mont_rep( mbedtls_mpi_uint *X, */ int mbedtls_mpi_mod_raw_from_mont_rep( mbedtls_mpi_uint *X, const mbedtls_mpi_mod_modulus *m ); + +/** \brief Perform fixed width modular negation. + * + * The size of the operation is determined by \p N. \p A must have + * the same number of limbs as \p N. + * + * \p X may be aliased to \p A. + * + * \param[out] X The result of the modular negation. + * This must be initialized. Must have enough limbs to + * store the full value of the result. + * \param[in] A Little-endian presentation of the input operand. This + * must be smaller or equal to \p N. + * \param[in] m The address of the modulus related to \p A. + */ +void mbedtls_mpi_mod_raw_neg( mbedtls_mpi_uint *X, + const mbedtls_mpi_uint *A, + const mbedtls_mpi_mod_modulus *m); /* END MERGE SLOT 7 */ /* BEGIN MERGE SLOT 8 */