error_t rsadp(const RsaPrivateKey *key, const Mpi *c, Mpi *m)
{
error_t error;
Mpi m1;
Mpi m2;
Mpi h;
//The ciphertext representative c shall be between 0 and n - 1
if(mpiCompInt(c, 0) < 0 || mpiComp(c, &key->n) >= 0)
return ERROR_OUT_OF_RANGE;
//Initialize multiple-precision integers
mpiInit(&m1);
mpiInit(&m2);
mpiInit(&h);
//Use the Chinese remainder algorithm?
if(key->n.size && key->p.size && key->q.size &&
key->dp.size && key->dq.size && key->qinv.size)
{
//Compute m1 = c ^ dP mod p
MPI_CHECK(mpiExpMod(&m1, c, &key->dp, &key->p));
//Compute m2 = c ^ dQ mod q
MPI_CHECK(mpiExpMod(&m2, c, &key->dq, &key->q));
//Let h = (m1 - m2) * qInv mod p
MPI_CHECK(mpiSub(&h, &m1, &m2));
MPI_CHECK(mpiMulMod(&h, &h, &key->qinv, &key->p));
//Let m = m2 + q * h
MPI_CHECK(mpiMul(m, &key->q, &h));
MPI_CHECK(mpiAdd(m, m, &m2));
}
//Use modular exponentiation?
else if(key->n.size && key->d.size)
{
//Let m = c ^ d mod n
error = mpiExpMod(m, c, &key->d, &key->n);
}
//Invalid parameters?
else
{
//Report an error
error = ERROR_INVALID_PARAMETER;
}
end:
//Free previously allocated memory
mpiFree(&m1);
mpiFree(&m2);
mpiFree(&h);
//Return status code
return error;
}
error_t ecSqrMod(const EcDomainParameters *params, Mpi *r, const Mpi *a)
{
error_t error;
//Compute R = A ^ 2
MPI_CHECK(mpiMul(r, a, a));
//Compute R = (A ^ 2) mod p
if(params->mod != NULL)
{
MPI_CHECK(params->mod(r, ¶ms->p));
}
else
{
MPI_CHECK(mpiMod(r, r, ¶ms->p));
}
end:
//Return status code
return error;
}
