X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=doc%2Fcrypto%2FBN_mod_mul_montgomery.pod;h=6b16351b92e4bd67967762e3f0de7858c5a620e8;hb=a12a6b99629e29d6f8f2e6731e29627a89839715;hp=825a29f979f0b7ea095dd4247f719ec5cc5b1615;hpb=38e33cef15e7965ad9fd9db4b08fb2f5dc1bc573;p=oweals%2Fopenssl.git diff --git a/doc/crypto/BN_mod_mul_montgomery.pod b/doc/crypto/BN_mod_mul_montgomery.pod index 825a29f979..6b16351b92 100644 --- a/doc/crypto/BN_mod_mul_montgomery.pod +++ b/doc/crypto/BN_mod_mul_montgomery.pod 
@@ -29,41 +29,42 @@ BN_from_montgomery, BN_to_montgomery - Montgomery multiplication =head1 DESCRIPTION These functions implement Montgomery multiplication. They are used -automatically when BN_mod_exp(3) is called with suitable input, +automatically when L is called with suitable input, but they may be useful when several operations are to be performed using the same modulus. BN_MONT_CTX_new() allocates and initializes a B structure. BN_MONT_CTX_init() initializes an existing uninitialized B. -BN_MONT_CTX_set() sets up the B structure from the modulus B +BN_MONT_CTX_set() sets up the I structure from the modulus I by precomputing its inverse and a value R. -BN_MONT_CTX_copy() copies the B B to B. +BN_MONT_CTX_copy() copies the B I to I. BN_MONT_CTX_free() frees the components of the B, and, if it was created by BN_MONT_CTX_new(), also the structure itself. -BN_mod_mul_montgomery() computes Mont(B,B):=B*B*R^-1 and places -the result in B. +BN_mod_mul_montgomery() computes Mont(I,I):=I*I*R^-1 and places +the result in I. -BN_from_montgomery() performs the Montgomery reduction B = B*R^-1. +BN_from_montgomery() performs the Montgomery reduction I = I*R^-1. -BN_to_montgomery() computes Mont(B,R^2). +BN_to_montgomery() computes Mont(I,R^2), i.e. I*R. +Note that I must be non-negative and smaller than the modulus. -For all functions, B is a previously allocated B used for +For all functions, I is a previously allocated B used for temporary variables. The B structure is defined as follows: typedef struct bn_mont_ctx_st { - int use_word; /* 0 for word form, 1 for bignum form */ int ri; /* number of bits in R */ BIGNUM RR; /* R^2 (used to convert to Montgomery form) */ BIGNUM N; /* The modulus */ - BIGNUM Ni; /* The inverse of N (bignum form) */ - BN_ULONG n0; /* The inverse of N in word form */ + BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 + * (Ni is only stored for bignum algorithm) */ + BN_ULONG n0; /* least significant word of Ni */ int flags; } BN_MONT_CTX; 
@@ -77,11 +78,17 @@ on error. BN_MONT_CTX_init() and BN_MONT_CTX_free() have no return values. For the other functions, 1 is returned for success, 0 on error. -The error codes can be obtained by ERR_get_error(3). +The error codes can be obtained by L. + +=head1 WARNING + +The inputs must be reduced modulo B, otherwise the result will be +outside the expected range. =head1 SEE ALSO -bn(3), err(3), BN_add(3), BN_CTX_new(3) +L, L, L, +L =head1 HISTORY
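Review bot: In the first hunk (@@ -29,41 +29,42 @@), the new range requirement ("must be non-negative and smaller than the modulus") is attached to BN_to_montgomery() only. The BN_mod_mul_montgomery() and BN_from_montgomery() descriptions in the same hunk still give bare formulas ending in R^-1, with no input range and no mention that the result is taken modulo the modulus. Suggest stating the requirement once for all three functions, or pointing each description at the WARNING section, and writing the formulas with an explicit "mod" of the modulus so the expected output range is unambiguous. In the struct listing, the new Ni comment "R*(1/R mod N) - N*Ni = 1" reads as an expression rather than a definition; "Ni satisfies R*(1/R mod N) - N*Ni = 1" would say what the field holds.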
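Review bot: In the second hunk (@@ -77,11 +78,17 @@), the new WARNING section says the result "will be outside the expected range" for unreduced inputs, but not whether the call reports this. The RETURN VALUES text just above only says 1 for success and 0 on error, so a reader cannot tell if an out-of-range input returns 0 or returns 1 with a wrong value. Suggest saying explicitly that the functions do not check the range and that the caller must reduce the inputs first. The wording should also match the first hunk: "reduced modulo" here versus "non-negative and smaller than the modulus" there leaves it open whether negative values are covered. Naming the functions the warning applies to would help too, since "the inputs" is ambiguous on a page that documents eight functions.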