BN_mod_mul_montgomery(3) OpenSSL BN_mod_mul_montgomery(3) NNAAMMEE BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_init, BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy, BN_from_mont- gomery, BN_to_montgomery - Montgomery multiplication SSYYNNOOPPSSIISS #include BN_MONT_CTX *BN_MONT_CTX_new(void); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); void BN_MONT_CTX_free(BN_MONT_CTX *mont); int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx); BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from); int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_MONT_CTX *mont, BN_CTX *ctx); int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx); int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx); DDEESSCCRRIIPPTTIIOONN These functions implement Montgomery multiplication. They are used automatically when _B_N___m_o_d___e_x_p(3) is called with suitable input, but they may be useful when several operations are to be performed using the same modulus. _B_N___M_O_N_T___C_T_X___n_e_w_(_) allocates and initializes a BBNN__MMOONNTT__CCTTXX structure. _B_N___M_O_N_T___C_T_X___i_n_i_t_(_) initializes an existing uninitialized BBNN__MMOONNTT__CCTTXX. _B_N___M_O_N_T___C_T_X___s_e_t_(_) sets up the _m_o_n_t structure from the modulus _m by pre- computing its inverse and a value R. _B_N___M_O_N_T___C_T_X___c_o_p_y_(_) copies the BBNN__MMOONNTT__CCTTXX _f_r_o_m to _t_o. _B_N___M_O_N_T___C_T_X___f_r_e_e_(_) frees the components of the BBNN__MMOONNTT__CCTTXX, and, if it was created by _B_N___M_O_N_T___C_T_X___n_e_w_(_), also the structure itself. _B_N___m_o_d___m_u_l___m_o_n_t_g_o_m_e_r_y_(_) computes Mont(_a,_b):=_a*_b*R^-1 and places the result in _r. _B_N___f_r_o_m___m_o_n_t_g_o_m_e_r_y_(_) performs the Montgomery reduction _r = _a*R^-1. _B_N___t_o___m_o_n_t_g_o_m_e_r_y_(_) computes Mont(_a,R^2), i.e. _a*R. Note that _a must be non-negative and smaller than the modulus. For all functions, _c_t_x is a previously allocated BBNN__CCTTXX used for tempo- rary variables. The BBNN__MMOONNTT__CCTTXX structure is defined as follows: typedef struct bn_mont_ctx_st { int ri; /* number of bits in R */ BIGNUM RR; /* R^2 (used to convert to Montgomery form) */ BIGNUM N; /* The modulus */ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 * (Ni is only stored for bignum algorithm) */ BN_ULONG n0; /* least significant word of Ni */ int flags; } BN_MONT_CTX; _B_N___t_o___m_o_n_t_g_o_m_e_r_y_(_) is a macro. RREETTUURRNN VVAALLUUEESS _B_N___M_O_N_T___C_T_X___n_e_w_(_) returns the newly allocated BBNN__MMOONNTT__CCTTXX, and NULL on error. _B_N___M_O_N_T___C_T_X___i_n_i_t_(_) and _B_N___M_O_N_T___C_T_X___f_r_e_e_(_) have no return values. For the other functions, 1 is returned for success, 0 on error. The error codes can be obtained by _E_R_R___g_e_t___e_r_r_o_r(3). WWAARRNNIINNGG The inputs must be reduced modulo mm, otherwise the result will be out- side the expected range. SSEEEE AALLSSOO _b_n(3), _E_R_R___g_e_t___e_r_r_o_r(3), _B_N___a_d_d(3), _B_N___C_T_X___n_e_w(3) HHIISSTTOORRYY _B_N___M_O_N_T___C_T_X___n_e_w_(_), _B_N___M_O_N_T___C_T_X___f_r_e_e_(_), _B_N___M_O_N_T___C_T_X___s_e_t_(_), _B_N___m_o_d___m_u_l___m_o_n_t_g_o_m_e_r_y_(_), _B_N___f_r_o_m___m_o_n_t_g_o_m_e_r_y_(_) and _B_N___t_o___m_o_n_t_g_o_m_e_r_y_(_) are available in all versions of SSLeay and OpenSSL. _B_N___M_O_N_T___C_T_X___i_n_i_t_(_) and _B_N___M_O_N_T___C_T_X___c_o_p_y_(_) were added in SSLeay 0.9.1b. 1.0.2u 2019-12-20 BN_mod_mul_montgomery(3)