143 /* Z = (X * Y) mod M
147 int esp_mpi_mul_mpi_mod(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, const mbedtls_m…  in esp_mpi_mul_mpi_mod()  argument
151     size_t x_bits = mbedtls_mpi_bitlen(X);  in esp_mpi_mul_mpi_mod()
169     /* Load and start a (X * Y) mod M calculation */  in esp_mpi_mul_mpi_mod()
170     esp_mpi_mul_mpi_mod_hw_op(X, Y, M, &Rinv, Mprime, hw_words);  in esp_mpi_mul_mpi_mod()
175     Z->s = X->s * Y->s;  in esp_mpi_mul_mpi_mod()
190 static size_t mbedtls_mpi_msb( const mbedtls_mpi *X )  in mbedtls_mpi_msb()  argument
193     if (X != NULL && X->n != 0) {  in mbedtls_mpi_msb()
194         for (i = X->n - 1; i >= 0; i--) {  in mbedtls_mpi_msb()
195             if (X->p[i] != 0) {  in mbedtls_mpi_msb()
197                     if ((X->p[i] & (1 << j)) != 0) {  in mbedtls_mpi_msb()
208  * Montgomery exponentiation: Z = X ^ Y mod M  (HAC 14.94)
210 static int mpi_montgomery_exp_calc( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, con…  in mpi_montgomery_exp_calc()  argument
232         // 1.1 x_ = mont(x, R^2 mod m)  in mpi_montgomery_exp_calc()
233         //        = mont(x, rb)  in mpi_montgomery_exp_calc()
234         MBEDTLS_MPI_CHK( esp_mont_hw_op(&X_, X, Rinv, M, Mprime, hw_words, false) );  in mpi_montgomery_exp_calc()
237         // now z = R mod m = Mont (R^2 mod m, 1) mod M (as Mont(x) = X&R^-1 mod M)  in mpi_montgomery_exp_calc()
269  * Z = X ^ Y mod M
276 static int esp_mpi_exp_mod( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, const mbedt…  in esp_mpi_exp_mod()  argument
284     size_t x_words = mpi_words(X);  in esp_mpi_exp_mod()
323     // Montgomery exponentiation: Z = X ^ Y mod M  (HAC 14.94)  in esp_mpi_exp_mod()
325     ret = mpi_montgomery_exp_calc(Z, X, Y, M, Rinv, num_words, Mprime) ;  in esp_mpi_exp_mod()
330     esp_mpi_exp_mpi_mod_hw_op(X, Y, M, Rinv, Mprime, num_words);  in esp_mpi_exp_mod()
340     // Compensate for negative X  in esp_mpi_exp_mod()
341     if (X->s == -1 && (Y->p[0] & 1) != 0) {  in esp_mpi_exp_mod()
358  * Sliding-window exponentiation: X = A^E mod N  (HAC 14.85)
360 int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A,  in mbedtls_mpi_exp_mod()  argument
367     ret = esp_mpi_exp_mod( X, A, E, N, _RR );  in mbedtls_mpi_exp_mod()
369         ret = mbedtls_mpi_exp_mod_soft( X, A, E, N, _RR );  in mbedtls_mpi_exp_mod()
373     ret = esp_mpi_exp_mod( X, A, E, N, _RR );  in mbedtls_mpi_exp_mod()
383 static int mpi_mult_mpi_failover_mod_mult( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi …
384 static int mpi_mult_mpi_overlong(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, size_t…
386 /* Z = X * Y */
387 int mbedtls_mpi_mul_mpi( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y )  in mbedtls_mpi_mul_mpi()  argument
390     size_t x_bits = mbedtls_mpi_bitlen(X);  in mbedtls_mpi_mul_mpi()
410         Z->s *= X->s;  in mbedtls_mpi_mul_mpi()
414         ret = mbedtls_mpi_copy(Z, X);  in mbedtls_mpi_mul_mpi()
427        number of bits in X plus number of bits in in Y.)  in mbedtls_mpi_mul_mpi()
435             return mpi_mult_mpi_failover_mod_mult(Z, X, Y, z_words);  in mbedtls_mpi_mul_mpi()
439                 return mpi_mult_mpi_overlong(Z, X, Y, y_words, z_words);  in mbedtls_mpi_mul_mpi()
441                 return mpi_mult_mpi_overlong(Z, Y, X, x_words, z_words);  in mbedtls_mpi_mul_mpi()
449     esp_mpi_mul_mpi_hw_op(X, Y, hw_words);  in mbedtls_mpi_mul_mpi()
454     Z->s = X->s * Y->s;  in mbedtls_mpi_mul_mpi()
460 int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b )  in mbedtls_mpi_mul_int()  argument
470     return( mbedtls_mpi_mul_mpi( X, A, &_B ) );  in mbedtls_mpi_mul_int()
473 /* Deal with the case when X & Y are too long for the hardware unit, by splitting one operand
483    Z = X * Y
484    Z = X * (Yp + Ypp<<b)
485    Z = (X * Yp) + (X * Ypp<<b)
487    Note that this function may recurse multiple times, if both X & Y
490 static int mpi_mult_mpi_overlong(mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi *Y, size_t…  in mpi_mult_mpi_overlong()  argument
510     /* Get result Ztemp = Yp * X (need temporary variable Ztemp) */  in mpi_mult_mpi_overlong()
511     MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi(&Ztemp, X, &Yp) );  in mpi_mult_mpi_overlong()
514     MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi(Z, X, &Ypp) );  in mpi_mult_mpi_overlong()
546 static int mpi_mult_mpi_failover_mod_mult( mbedtls_mpi *Z, const mbedtls_mpi *X, const mbedtls_mpi …  in mpi_mult_mpi_failover_mod_mult()  argument
553     esp_mpi_mult_mpi_failover_mod_mult_hw_op(X, Y, hw_words );  in mpi_mult_mpi_failover_mod_mult()
557     Z->s = X->s * Y->s;  in mpi_mult_mpi_failover_mod_mult()