Update documentation and add comments

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2025-01-03 23:43:40 +00:00 · 2023-02-13 16:29:05 +01:00 · 2023-02-13 16:29:05 +01:00 · a264831cff
commit a264831cff
parent 5c9f401e47
2 changed files with 11 additions and 4 deletions
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@ -4926,10 +4926,13 @@ int mbedtls_ecp_mod_p192_raw(mbedtls_mpi_uint *Np, size_t Nn)

    RESET;

-    ADD_LAST; NEXT;
-    ADD_LAST; NEXT;
+    /* Use the reduction for the carry as well:
+     * 2^192 * last_carry = 2^64 * last_carry + last_carry mod P192
+     */
+    ADD_LAST; NEXT;                 // A0 += last_carry
+    ADD_LAST; NEXT;                 // A1 += last_carry

-    LAST;
+    LAST;                           // A2 += carry

    return 0;
 }
--- a/library/ecp_invasive.h
+++ b/library/ecp_invasive.h
@ -79,9 +79,13 @@ int mbedtls_ecp_gen_privkey_mx(size_t n_bits,
 #if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)

 /** Fast quasi-reduction modulo p192 (FIPS 186-3 D.2.1)
+ *
+ * This operation expects a 384 bit MPI and the result of the reduction
+ * is a 192 bit MPI.
 *
 * \param[in,out]   Np  The address of the MPI to be converted.
- *                      Must have twice as many limbs as \p Nn.
+ *                      Must have twice as many limbs as the modulus so
+ *                      384 bits in length.
 * \param[in]       Nn  The length of \p Np in limbs.
 */
 MBEDTLS_STATIC_TESTABLE