projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| fc58fa8b UM |
1 | =pod |
| 2 | ||
| 3 | =head1 NAME | |
| 4 | ||
| c952780c | 5 | BN_mod_mul_montgomery, BN_MONT_CTX_new, |
| fc58fa8b UM |
6 | BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, |
| 7 | BN_from_montgomery, BN_to_montgomery - Montgomery multiplication | |
| 8 | ||
| 9 | =head1 SYNOPSIS | |
| 10 | ||
| 11 | #include <openssl/bn.h> | |
| 12 | ||
| 13 | BN_MONT_CTX *BN_MONT_CTX_new(void); | |
| fc58fa8b UM |
14 | void BN_MONT_CTX_free(BN_MONT_CTX *mont); |
| 15 | ||
| 16 | int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx); | |
| 17 | BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from); | |
| 18 | ||
| 19 | int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, | |
| e9b77246 | 20 | BN_MONT_CTX *mont, BN_CTX *ctx); |
| fc58fa8b UM |
21 | |
| 22 | int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, | |
| e9b77246 | 23 | BN_CTX *ctx); |
| fc58fa8b UM |
24 | |
| 25 | int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, | |
| e9b77246 | 26 | BN_CTX *ctx); |
| fc58fa8b UM |
27 | |
| 28 | =head1 DESCRIPTION | |
| 29 | ||
| 30 | These functions implement Montgomery multiplication. They are used | |
| 9b86974e | 31 | automatically when L<BN_mod_exp(3)> is called with suitable input, |
| 38e33cef | 32 | but they may be useful when several operations are to be performed |
| fc58fa8b UM |
33 | using the same modulus. |
| 34 | ||
| 35 | BN_MONT_CTX_new() allocates and initializes a B<BN_MONT_CTX> structure. | |
| fc58fa8b | 36 | |
| 78a0c1f1 | 37 | BN_MONT_CTX_set() sets up the I<mont> structure from the modulus I<m> |
| fc58fa8b UM |
38 | by precomputing its inverse and a value R. |
| 39 | ||
| 78a0c1f1 | 40 | BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> I<from> to I<to>. |
| fc58fa8b UM |
41 | |
| 42 | BN_MONT_CTX_free() frees the components of the B<BN_MONT_CTX>, and, if | |
| 43 | it was created by BN_MONT_CTX_new(), also the structure itself. | |
| 23a1d5e9 | 44 | If B<mont> is NULL, nothing is done. |
| fc58fa8b | 45 | |
| 78a0c1f1 BM |
46 | BN_mod_mul_montgomery() computes Mont(I<a>,I<b>):=I<a>*I<b>*R^-1 and places |
| 47 | the result in I<r>. | |
| fc58fa8b | 48 | |
| 78a0c1f1 | 49 | BN_from_montgomery() performs the Montgomery reduction I<r> = I<a>*R^-1. |
| fc58fa8b | 50 | |
| 78a0c1f1 BM |
51 | BN_to_montgomery() computes Mont(I<a>,R^2), i.e. I<a>*R. |
| 52 | Note that I<a> must be non-negative and smaller than the modulus. | |
| fc58fa8b | 53 | |
| 78a0c1f1 | 54 | For all functions, I<ctx> is a previously allocated B<BN_CTX> used for |
| fc58fa8b UM |
55 | temporary variables. |
| 56 | ||
| fc58fa8b UM |
57 | =head1 RETURN VALUES |
| 58 | ||
| 59 | BN_MONT_CTX_new() returns the newly allocated B<BN_MONT_CTX>, and NULL | |
| 60 | on error. | |
| 61 | ||
| e35af275 | 62 | BN_MONT_CTX_free() has no return value. |
| fc58fa8b UM |
63 | |
| 64 | For the other functions, 1 is returned for success, 0 on error. | |
| 9b86974e | 65 | The error codes can be obtained by L<ERR_get_error(3)>. |
| fc58fa8b | 66 | |
| 06676624 UM |
67 | =head1 WARNING |
| 68 | ||
| 69 | The inputs must be reduced modulo B<m>, otherwise the result will be | |
| 70 | outside the expected range. | |
| 71 | ||
| fc58fa8b UM |
72 | =head1 SEE ALSO |
| 73 | ||
| 9e183d22 | 74 | L<ERR_get_error(3)>, L<BN_add(3)>, |
| 9b86974e | 75 | L<BN_CTX_new(3)> |
| fc58fa8b UM |
76 | |
| 77 | =head1 HISTORY | |
| 78 | ||
| a528d4f0 | 79 | BN_MONT_CTX_init() was removed in OpenSSL 1.1.0 |
| fc58fa8b | 80 | |
| e2f92610 RS |
81 | =head1 COPYRIGHT |
| 82 | ||
| 9e183d22 | 83 | Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. |
| e2f92610 | 84 | |
| 4746f25a | 85 | Licensed under the Apache License 2.0 (the "License"). You may not use |
| e2f92610 RS |
86 | this file except in compliance with the License. You can obtain a copy |
| 87 | in the file LICENSE in the source distribution or at | |
| 88 | L<https://www.openssl.org/source/license.html>. | |
| 89 | ||
| 90 | =cut |