From 467a5499a5466fc304c1ff3b5d0fff470f16fb4b Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Mon, 19 Feb 2024 11:27:38 +0000
Subject: [PATCH] Exp mod: clarify preprocessing

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 library/bignum.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/library/bignum.c b/library/bignum.c
index 0f63c31df0..4cebd95a95 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -1654,7 +1654,14 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A,
     X->s = 1;
 
     /*
-     * Make sure that A has exactly as many limbs as N.
+     * Make sure that X is in a form that is safe for consumption by
+     * the core functions.
+     *
+     * - The core functions will not touch the limbs of X above N->n. The
+     *   result will be correct if those limbs are 0, which the mod call
+     *   ensures.
+     * - Also, X must have at least as many limbs as N for the calls to the
+     *   core functions.
      */
     if (mbedtls_mpi_cmp_mpi(X, N) >= 0) {
         MBEDTLS_MPI_CHK(mbedtls_mpi_mod_mpi(X, X, N));