Add documentation

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2025-03-31 10:20:45 +00:00 · 2023-02-23 17:38:00 +01:00 · 2023-02-23 17:38:00 +01:00 · a835d20cde
commit a835d20cde
parent f65a059a64
2 changed files with 20 additions and 5 deletions
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@ -5077,20 +5077,20 @@ int ecp_mod_p224_raw(mbedtls_mpi_uint *Np, size_t Nn)
    RESET;
-    SUB_LAST; NEXT;                     // A0
+    /* Use 2^224 = P + 2^96 - 1 to modulo reduce the final carry */
    SUB_LAST; NEXT;                     // A0 += -last_c
              NEXT;                     // A1
              NEXT;                     // A2
-    ADD_LAST; NEXT;                     // A3
+    ADD_LAST; NEXT;                     // A3 += last_c
              NEXT;                     // A4
              NEXT;                     // A5
                                        // A6
    RESET;
-    SUB_LAST; NEXT;                     // A0
+    SUB_LAST; NEXT;                     // A0 += -last_c
              NEXT;                     // A1
              NEXT;                     // A2
-    ADD_LAST; NEXT;                     // A3
+    ADD_LAST; NEXT;                     // A3 += last_c
              NEXT;                     // A4
              NEXT;                     // A5
                                        // A6
--- a/library/ecp_invasive.h
+++ b/library/ecp_invasive.h
@ -96,6 +96,21 @@ int mbedtls_ecp_mod_p192_raw(mbedtls_mpi_uint *Np, size_t Nn);
 #if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
 /** Fast quasi-reduction modulo p224 (FIPS 186-3 D.2.2)
 *
 * \param[in,out]   Np  The address of the MPI to be converted.
 *                      Must have exact limb size that stores a 448-bit MPI
 *                      (double the bitlength of the modulus).
 *                      Upon return holds the reduced value which is
 *                      in range `0 <= X < 2 * N` (where N is the modulus).
 *                      The bitlength of the reduced value is the same as
 *                      that of the modulus (224 bits).
 * \param[in]       Nn  The length of \p Nn in limbs.
 *
 * \return          \c 0 on success.
 * \return          #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if \p Nn is not the limb
 *                  size that sores a 448-bit MPI.
 */
 MBEDTLS_STATIC_TESTABLE
 int ecp_mod_p224_raw(mbedtls_mpi_uint *Np, size_t Nn);