From ec440f2397a8e4326457abb315b2d33496948cf2 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 11 Aug 2022 17:29:32 +0100
Subject: [PATCH 01/10] bignum_mod_raw: Ported
 mbedtls_mpi_get_montgomery_constant_unsafe from prototype

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 library/bignum_core.c | 16 ++++++++++++++++
 library/bignum_core.h | 19 +++++++++++++++++++
 2 files changed, 35 insertions(+)

diff --git a/library/bignum_core.c b/library/bignum_core.c
index 00837298b..457405d27 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -511,4 +511,20 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
     mbedtls_ct_mpi_uint_cond_assign( AN_limbs, X, T, (unsigned char) ( carry ^ borrow ) );
 }
 
+int mbedtls_mpi_get_montgomery_constant_unsafe( mbedtls_mpi *X,
+                                                mbedtls_mpi const *N )
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+    if ( X == NULL || N == NULL ) goto cleanup;
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 1 ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, N->n * 2 * biL ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( X, X, N ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_shrink( X, N->n ) );
+
+cleanup:
+    return( ret );
+}
+
 #endif /* MBEDTLS_BIGNUM_C */
diff --git a/library/bignum_core.h b/library/bignum_core.h
index 56a3bf874..3100bd5ff 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -412,4 +412,23 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
                                const mbedtls_mpi_uint *N, size_t AN_limbs,
                                mbedtls_mpi_uint mm, mbedtls_mpi_uint *T );
 
+/**
+ * \brief Calculate initialisation value for fast Montgomery modular
+ *        multiplication
+ *
+ * \param[out] X  A pointer to the result of the calculation of
+ *                Montgomery const 2^{2*n*biL} mod N.
+ * \param[in]  N  Little-endian presentation of the modulus, which must be odd.
+ *
+ * \return        0 if successful.
+ * \return        #MBEDTLS_ERR_MPI_ALLOC_FAILED if there is not enough space
+ *                to store the value of Montgomery constant squared.
+ * \return        #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero.
+ * \return        #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative.
+ * \return        #MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED \p N, \p X are NULL
+ *                or other operations fail.
+ */
+int mbedtls_mpi_get_montgomery_constant_unsafe( mbedtls_mpi *X,
+                                                mbedtls_mpi const *N );
+
 #endif /* MBEDTLS_BIGNUM_CORE_H */

From 1a1b1755548b2b0e773df39922f87def8820ea20 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Mon, 10 Oct 2022 14:50:06 +0100
Subject: [PATCH 02/10] test_suite_bignum: Added tests for
 `mpi_get_montgomery_constant_unsafe()`

This patch adds the test for the method calculating the RR. The input/expected
data are generated manually using the following Python3 snippet:

~~~~~
import math

title="mpi_get_montgomery_constant_unsafe"
tt = title + " #{}"

in_data = [ "0f", ... ]

def limb_no(number, bil=64):
    return int(math.ceil(int.bit_length(number)/(bil * 1.0)))

def calc_rr(number, bil=64 ):
    return '{:x}'.format(pow(pow(2, limb_no(number, bil) * bil), 2, number))

def calc_rr_str(number, prefix=""):
    rr64 = calc_rr(number)
    rr32 = calc_rr(number, bil=32)
    return '{}:"{:x}":"{}":"{}"'.format(prefix,number, rr32, rr64)

print("\n\n".join(["{}\n{}".format(tt.format(in_data.index(v)+1), calc_rr_str(int(v,base=16), title)) for v in in_data]))
~~~~~

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 tests/suites/test_suite_bignum.function  | 78 ++++++++++++++++++++++++
 tests/suites/test_suite_bignum.misc.data | 33 ++++++++++
 2 files changed, 111 insertions(+)

diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function
index 4cec0a7c7..e94681a28 100644
--- a/tests/suites/test_suite_bignum.function
+++ b/tests/suites/test_suite_bignum.function
@@ -1,8 +1,10 @@
 /* BEGIN_HEADER */
 #include "mbedtls/bignum.h"
+#include "bignum_core.h"
 #include "mbedtls/entropy.h"
 #include "constant_time_internal.h"
 #include "test/constant_flow.h"
+#include "mbedtls/error.h"
 
 #if MBEDTLS_MPI_MAX_BITS > 792
 #define MPI_MAX_BITS_LARGER_THAN_792
@@ -1414,6 +1416,82 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void mpi_get_montgomery_constant_unsafe_neg(  )
+{
+    mbedtls_mpi N, RR;
+    mbedtls_mpi_init( &N );
+    mbedtls_mpi_init( &RR );
+    const char * n = "7ffffffffffffff1";
+
+    /* Test for NULL input pointers */
+    TEST_EQUAL( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED,
+               mbedtls_mpi_get_montgomery_constant_unsafe( NULL, &N ) );
+
+    TEST_EQUAL( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED,
+               mbedtls_mpi_get_montgomery_constant_unsafe( &RR, NULL ) );
+
+    /* Test for zero divisor */
+    TEST_EQUAL( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO,
+               mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) );
+
+    /* Test for negative input */
+    TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, n ) );
+    N.s = -1;
+    TEST_EQUAL( MBEDTLS_ERR_MPI_NEGATIVE_VALUE,
+               mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) );
+    N.s = 1;
+
+exit:
+    mbedtls_mpi_free( &N );
+    mbedtls_mpi_free( &RR );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_get_montgomery_constant_unsafe( char * input_N,
+                                         char * input_RR_X4,
+                                         char * input_RR_X8 )
+{
+    mbedtls_mpi N, RR, RR_REF;
+
+    /* Select the appropriate output */
+    char * input_rr = ( sizeof(mbedtls_mpi_uint) == 4 ) ? input_RR_X4: input_RR_X8;
+
+    mbedtls_mpi_init( &N );
+    mbedtls_mpi_init( &RR );
+    mbedtls_mpi_init( &RR_REF );
+
+    /* Read inputs */
+    TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, input_N ) );
+    TEST_EQUAL( 0, mbedtls_test_read_mpi( &RR_REF, input_rr ) );
+
+    /* All of the inputs are +ve (or zero) */
+    TEST_EQUAL( 1, sign_is_valid(&N));
+    TEST_EQUAL( 1, sign_is_valid(&RR_REF));
+
+    /* Test valid input */
+    TEST_EQUAL( 0, mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) );
+
+    /* Test that the moduli is odd */
+    TEST_EQUAL(N.p[0] ^ 1, N.p[0] - 1);
+
+   /* Output is +ve (or zero) */
+    TEST_EQUAL( 1, sign_is_valid(&RR));
+
+    /* rr is updated to a valid pointer */
+    TEST_ASSERT( RR.p != NULL );
+
+    /* Calculated rr matches expected value */
+    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &RR, &RR_REF ) == 0 );
+
+exit:
+    mbedtls_mpi_free( &N );
+    mbedtls_mpi_free( &RR );
+    mbedtls_mpi_free( &RR_REF );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
 void mpi_selftest(  )
 {
diff --git a/tests/suites/test_suite_bignum.misc.data b/tests/suites/test_suite_bignum.misc.data
index 78afcb64c..b93b18391 100644
--- a/tests/suites/test_suite_bignum.misc.data
+++ b/tests/suites/test_suite_bignum.misc.data
@@ -1902,6 +1902,39 @@ mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 MPI random bad arguments: min > N = 1, 0 limb in upper bound
 mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 
+mbedtls_mpi_get_montgomery_constant_unsafe_neg
+mpi_get_montgomery_constant_unsafe_neg:
+
+mbedtls_mpi_get_montgomery_constant_unsafe #1
+mpi_get_montgomery_constant_unsafe:"f":"1":"1"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #2
+mpi_get_montgomery_constant_unsafe:"fd":"ec":"24"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #3
+mpi_get_montgomery_constant_unsafe:"eeff99aa37":"a23bd6a686":"a23bd6a686"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #4
+mpi_get_montgomery_constant_unsafe:"eeff99aa11":"3308cb71":"3308cb71"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #5
+mpi_get_montgomery_constant_unsafe:"800000000005":"6400000000":"6400000000"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #6
+mpi_get_montgomery_constant_unsafe:"7fffffffffffffff":"4":"4"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #7
+mpi_get_montgomery_constant_unsafe:"80fe000a10000001":"5dbc6e833bad575a":"5dbc6e833bad575a"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #8
+mpi_get_montgomery_constant_unsafe:"25a55a46e5da99c71c7":"11637ce1347edeaf669":"1e455bf7451c05bc711"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #9
+mpi_get_montgomery_constant_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1"
+
+mbedtls_mpi_get_montgomery_constant_unsafe #10
+mpi_get_montgomery_constant_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa6af813c808dbf33dbfa11dabd6e6144bef37c6800000000000000000000000000000000051":"78a9f16233856e722242e964006ed8666bfe8e55ea736ea86ce7aa71511e36d9ea1509ad5d821f7777e4a2d885924d15cc11e2ccd85eba69ab04989":"5c9d20a5636b6d7abdec003c1ad87e7c88ebf7238a5d85800d3bc214512cd6269558728307ae94eb389e2ccd85eba69ab0493e8277211ce1be22db"
+
 MPI Selftest
 depends_on:MBEDTLS_SELF_TEST
 mpi_selftest:

From 4f43f61c6ad965a8a9cae7afc5af875c959b33b6 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Thu, 20 Oct 2022 09:46:59 +0100
Subject: [PATCH 03/10] Renamed mbedtls_mpi_get_montgomery_constant_unsafe to
 mpi_core_get_mont_R2_unsafe

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 library/bignum_core.c                    |  4 +--
 library/bignum_core.h                    |  4 +--
 tests/suites/test_suite_bignum.function  | 18 +++++-----
 tests/suites/test_suite_bignum.misc.data | 44 ++++++++++++------------
 4 files changed, 35 insertions(+), 35 deletions(-)

diff --git a/library/bignum_core.c b/library/bignum_core.c
index 457405d27..a3547bd64 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -511,8 +511,8 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
     mbedtls_ct_mpi_uint_cond_assign( AN_limbs, X, T, (unsigned char) ( carry ^ borrow ) );
 }
 
-int mbedtls_mpi_get_montgomery_constant_unsafe( mbedtls_mpi *X,
-                                                mbedtls_mpi const *N )
+int mbedtls_mpi_core_get_mont_R2_unsafe( mbedtls_mpi *X,
+                                         mbedtls_mpi const *N )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
diff --git a/library/bignum_core.h b/library/bignum_core.h
index 3100bd5ff..57f27ddf2 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -428,7 +428,7 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
  * \return        #MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED \p N, \p X are NULL
  *                or other operations fail.
  */
-int mbedtls_mpi_get_montgomery_constant_unsafe( mbedtls_mpi *X,
-                                                mbedtls_mpi const *N );
+int mbedtls_mpi_core_get_mont_R2_unsafe( mbedtls_mpi *X,
+                                         mbedtls_mpi const *N );
 
 #endif /* MBEDTLS_BIGNUM_CORE_H */
diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function
index e94681a28..4b5aee577 100644
--- a/tests/suites/test_suite_bignum.function
+++ b/tests/suites/test_suite_bignum.function
@@ -1417,7 +1417,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mpi_get_montgomery_constant_unsafe_neg(  )
+void mpi_core_get_mont_R2_unsafe_neg(  )
 {
     mbedtls_mpi N, RR;
     mbedtls_mpi_init( &N );
@@ -1426,20 +1426,20 @@ void mpi_get_montgomery_constant_unsafe_neg(  )
 
     /* Test for NULL input pointers */
     TEST_EQUAL( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED,
-               mbedtls_mpi_get_montgomery_constant_unsafe( NULL, &N ) );
+               mbedtls_mpi_core_get_mont_R2_unsafe( NULL, &N ) );
 
     TEST_EQUAL( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED,
-               mbedtls_mpi_get_montgomery_constant_unsafe( &RR, NULL ) );
+               mbedtls_mpi_core_get_mont_R2_unsafe( &RR, NULL ) );
 
     /* Test for zero divisor */
     TEST_EQUAL( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO,
-               mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) );
+               mbedtls_mpi_core_get_mont_R2_unsafe( &RR, &N ) );
 
     /* Test for negative input */
     TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, n ) );
     N.s = -1;
     TEST_EQUAL( MBEDTLS_ERR_MPI_NEGATIVE_VALUE,
-               mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) );
+               mbedtls_mpi_core_get_mont_R2_unsafe( &RR, &N ) );
     N.s = 1;
 
 exit:
@@ -1449,9 +1449,9 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mpi_get_montgomery_constant_unsafe( char * input_N,
-                                         char * input_RR_X4,
-                                         char * input_RR_X8 )
+void mpi_core_get_mont_R2_unsafe( char * input_N,
+                                  char * input_RR_X4,
+                                  char * input_RR_X8 )
 {
     mbedtls_mpi N, RR, RR_REF;
 
@@ -1471,7 +1471,7 @@ void mpi_get_montgomery_constant_unsafe( char * input_N,
     TEST_EQUAL( 1, sign_is_valid(&RR_REF));
 
     /* Test valid input */
-    TEST_EQUAL( 0, mbedtls_mpi_get_montgomery_constant_unsafe( &RR, &N ) );
+    TEST_EQUAL( 0, mbedtls_mpi_core_get_mont_R2_unsafe( &RR, &N ) );
 
     /* Test that the moduli is odd */
     TEST_EQUAL(N.p[0] ^ 1, N.p[0] - 1);
diff --git a/tests/suites/test_suite_bignum.misc.data b/tests/suites/test_suite_bignum.misc.data
index b93b18391..0c9e91785 100644
--- a/tests/suites/test_suite_bignum.misc.data
+++ b/tests/suites/test_suite_bignum.misc.data
@@ -1902,38 +1902,38 @@ mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 MPI random bad arguments: min > N = 1, 0 limb in upper bound
 mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 
-mbedtls_mpi_get_montgomery_constant_unsafe_neg
-mpi_get_montgomery_constant_unsafe_neg:
+mbedtls_mpi_core_get_mont_R2_unsafe_neg
+mpi_core_get_mont_R2_unsafe_neg:
 
-mbedtls_mpi_get_montgomery_constant_unsafe #1
-mpi_get_montgomery_constant_unsafe:"f":"1":"1"
+mbedtls_mpi_core_get_mont_R2_unsafe #1
+mpi_core_get_mont_R2_unsafe:"f":"1":"1"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #2
-mpi_get_montgomery_constant_unsafe:"fd":"ec":"24"
+mbedtls_mpi_core_get_mont_R2_unsafe #2
+mpi_core_get_mont_R2_unsafe:"fd":"ec":"24"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #3
-mpi_get_montgomery_constant_unsafe:"eeff99aa37":"a23bd6a686":"a23bd6a686"
+mbedtls_mpi_core_get_mont_R2_unsafe #3
+mpi_core_get_mont_R2_unsafe:"eeff99aa37":"a23bd6a686":"a23bd6a686"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #4
-mpi_get_montgomery_constant_unsafe:"eeff99aa11":"3308cb71":"3308cb71"
+mbedtls_mpi_core_get_mont_R2_unsafe #4
+mpi_core_get_mont_R2_unsafe:"eeff99aa11":"3308cb71":"3308cb71"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #5
-mpi_get_montgomery_constant_unsafe:"800000000005":"6400000000":"6400000000"
+mbedtls_mpi_core_get_mont_R2_unsafe #5
+mpi_core_get_mont_R2_unsafe:"800000000005":"6400000000":"6400000000"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #6
-mpi_get_montgomery_constant_unsafe:"7fffffffffffffff":"4":"4"
+mbedtls_mpi_core_get_mont_R2_unsafe #6
+mpi_core_get_mont_R2_unsafe:"7fffffffffffffff":"4":"4"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #7
-mpi_get_montgomery_constant_unsafe:"80fe000a10000001":"5dbc6e833bad575a":"5dbc6e833bad575a"
+mbedtls_mpi_core_get_mont_R2_unsafe #7
+mpi_core_get_mont_R2_unsafe:"80fe000a10000001":"5dbc6e833bad575a":"5dbc6e833bad575a"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #8
-mpi_get_montgomery_constant_unsafe:"25a55a46e5da99c71c7":"11637ce1347edeaf669":"1e455bf7451c05bc711"
+mbedtls_mpi_core_get_mont_R2_unsafe #8
+mpi_core_get_mont_R2_unsafe:"25a55a46e5da99c71c7":"11637ce1347edeaf669":"1e455bf7451c05bc711"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #9
-mpi_get_montgomery_constant_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1"
+mbedtls_mpi_core_get_mont_R2_unsafe #9
+mpi_core_get_mont_R2_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1"
 
-mbedtls_mpi_get_montgomery_constant_unsafe #10
-mpi_get_montgomery_constant_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa6af813c808dbf33dbfa11dabd6e6144bef37c6800000000000000000000000000000000051":"78a9f16233856e722242e964006ed8666bfe8e55ea736ea86ce7aa71511e36d9ea1509ad5d821f7777e4a2d885924d15cc11e2ccd85eba69ab04989":"5c9d20a5636b6d7abdec003c1ad87e7c88ebf7238a5d85800d3bc214512cd6269558728307ae94eb389e2ccd85eba69ab0493e8277211ce1be22db"
+mbedtls_mpi_core_get_mont_R2_unsafe #10
+mpi_core_get_mont_R2_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa6af813c808dbf33dbfa11dabd6e6144bef37c6800000000000000000000000000000000051":"78a9f16233856e722242e964006ed8666bfe8e55ea736ea86ce7aa71511e36d9ea1509ad5d821f7777e4a2d885924d15cc11e2ccd85eba69ab04989":"5c9d20a5636b6d7abdec003c1ad87e7c88ebf7238a5d85800d3bc214512cd6269558728307ae94eb389e2ccd85eba69ab0493e8277211ce1be22db"
 
 MPI Selftest
 depends_on:MBEDTLS_SELF_TEST

From b85506e250dc40ba6b4dde887fac5feaf3e47f30 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Thu, 20 Oct 2022 09:51:53 +0100
Subject: [PATCH 04/10] bignum_core.h: Comment update for
 mbedtls_mpi_core_get_mont_R2_unsafe

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 library/bignum_core.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/library/bignum_core.h b/library/bignum_core.h
index 57f27ddf2..d46aea3e0 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -413,11 +413,12 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
                                mbedtls_mpi_uint mm, mbedtls_mpi_uint *T );
 
 /**
- * \brief Calculate initialisation value for fast Montgomery modular
- *        multiplication
+ * \brief Calculate the square of the Montgomery constant. (Needed
+ *        for conversion and operations in Montgomery form.)
  *
  * \param[out] X  A pointer to the result of the calculation of
- *                Montgomery const 2^{2*n*biL} mod N.
+ *                the square of the Montgomery constant:
+ *                2^{2*n*biL} mod N.
  * \param[in]  N  Little-endian presentation of the modulus, which must be odd.
  *
  * \return        0 if successful.

From b9243ef231ce11a9efda4116ab0df3086f58ce91 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Thu, 20 Oct 2022 10:06:16 +0100
Subject: [PATCH 05/10] test_suite_bignum: Fixed whitespace issues

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 tests/suites/test_suite_bignum.function | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function
index 4b5aee577..6b59a517f 100644
--- a/tests/suites/test_suite_bignum.function
+++ b/tests/suites/test_suite_bignum.function
@@ -1467,17 +1467,17 @@ void mpi_core_get_mont_R2_unsafe( char * input_N,
     TEST_EQUAL( 0, mbedtls_test_read_mpi( &RR_REF, input_rr ) );
 
     /* All of the inputs are +ve (or zero) */
-    TEST_EQUAL( 1, sign_is_valid(&N));
-    TEST_EQUAL( 1, sign_is_valid(&RR_REF));
+    TEST_EQUAL( 1, sign_is_valid( &N ) );
+    TEST_EQUAL( 1, sign_is_valid( &RR_REF ) );
 
     /* Test valid input */
     TEST_EQUAL( 0, mbedtls_mpi_core_get_mont_R2_unsafe( &RR, &N ) );
 
     /* Test that the moduli is odd */
-    TEST_EQUAL(N.p[0] ^ 1, N.p[0] - 1);
+    TEST_EQUAL( N.p[0] ^ 1, N.p[0] - 1 );
 
    /* Output is +ve (or zero) */
-    TEST_EQUAL( 1, sign_is_valid(&RR));
+    TEST_EQUAL( 1, sign_is_valid( &RR ) );
 
     /* rr is updated to a valid pointer */
     TEST_ASSERT( RR.p != NULL );

From e1913a8da8c4d868c2e7b408d03b8f48dab8534c Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Thu, 20 Oct 2022 10:44:40 +0100
Subject: [PATCH 06/10] test_suite_bignum: Updated test cases for
 mbedtls_mpi_core_get_mont_R2_unsafe

This patch adds tests for 192 and 2048 bits inputs.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 tests/suites/test_suite_bignum.misc.data | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_bignum.misc.data b/tests/suites/test_suite_bignum.misc.data
index 0c9e91785..3aec84d19 100644
--- a/tests/suites/test_suite_bignum.misc.data
+++ b/tests/suites/test_suite_bignum.misc.data
@@ -1933,7 +1933,10 @@ mbedtls_mpi_core_get_mont_R2_unsafe #9
 mpi_core_get_mont_R2_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1"
 
 mbedtls_mpi_core_get_mont_R2_unsafe #10
-mpi_core_get_mont_R2_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa6af813c808dbf33dbfa11dabd6e6144bef37c6800000000000000000000000000000000051":"78a9f16233856e722242e964006ed8666bfe8e55ea736ea86ce7aa71511e36d9ea1509ad5d821f7777e4a2d885924d15cc11e2ccd85eba69ab04989":"5c9d20a5636b6d7abdec003c1ad87e7c88ebf7238a5d85800d3bc214512cd6269558728307ae94eb389e2ccd85eba69ab0493e8277211ce1be22db"
+mpi_core_get_mont_R2_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa63":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396"
+
+mbedtls_mpi_core_get_mont_R2_unsafe #11
+mpi_core_get_mont_R2_unsafe:"d1cece570f2f991013f26dd5b03c4c5b65f97be5905f36cb4664f2c78ff80aa8135a4aaf57ccb8a0aca2f394909a74cef1ef6758a64d11e2c149c393659d124bfc94196f0ce88f7d7d567efa5a649e2deefaa6e10fdc3deac60d606bf63fc540ac95294347031aefd73d6a9ee10188aaeb7a90d920894553cb196881691cadc51808715a07e8b24fcb1a63df047c7cdf084dd177ba368c806f3d51ddb5d3898c863e687ecaf7d649a57a46264a582f94d3c8f2edaf59f77a7f6bdaf83c991e8f06abe220ec8507386fce8c3da84c6c3903ab8f3ad4630a204196a7dbcbd9bcca4e40ec5cc5c09938d49f5e1e6181db8896f33bb12e6ef73f12ec5c5ea7a8a337":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e"
 
 MPI Selftest
 depends_on:MBEDTLS_SELF_TEST

From ae4fb671b4e55396c4538b5e7cb60e7885865891 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Thu, 20 Oct 2022 10:47:26 +0100
Subject: [PATCH 07/10] mbedtls_mpi_core_get_mont_R2_unsafe: Removed NULL input
 checking

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 library/bignum_core.c                   | 2 --
 library/bignum_core.h                   | 3 +--
 tests/suites/test_suite_bignum.function | 8 --------
 3 files changed, 1 insertion(+), 12 deletions(-)

diff --git a/library/bignum_core.c b/library/bignum_core.c
index a3547bd64..ad22a1542 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -516,8 +516,6 @@ int mbedtls_mpi_core_get_mont_R2_unsafe( mbedtls_mpi *X,
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
-    if ( X == NULL || N == NULL ) goto cleanup;
-
     MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 1 ) );
     MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( X, N->n * 2 * biL ) );
     MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( X, X, N ) );
diff --git a/library/bignum_core.h b/library/bignum_core.h
index d46aea3e0..9870da41f 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -426,8 +426,7 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
  *                to store the value of Montgomery constant squared.
  * \return        #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero.
  * \return        #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative.
- * \return        #MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED \p N, \p X are NULL
- *                or other operations fail.
+ * \return        #MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED if other operations fail.
  */
 int mbedtls_mpi_core_get_mont_R2_unsafe( mbedtls_mpi *X,
                                          mbedtls_mpi const *N );
diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function
index 6b59a517f..b598ea624 100644
--- a/tests/suites/test_suite_bignum.function
+++ b/tests/suites/test_suite_bignum.function
@@ -4,7 +4,6 @@
 #include "mbedtls/entropy.h"
 #include "constant_time_internal.h"
 #include "test/constant_flow.h"
-#include "mbedtls/error.h"
 
 #if MBEDTLS_MPI_MAX_BITS > 792
 #define MPI_MAX_BITS_LARGER_THAN_792
@@ -1424,13 +1423,6 @@ void mpi_core_get_mont_R2_unsafe_neg(  )
     mbedtls_mpi_init( &RR );
     const char * n = "7ffffffffffffff1";
 
-    /* Test for NULL input pointers */
-    TEST_EQUAL( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED,
-               mbedtls_mpi_core_get_mont_R2_unsafe( NULL, &N ) );
-
-    TEST_EQUAL( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED,
-               mbedtls_mpi_core_get_mont_R2_unsafe( &RR, NULL ) );
-
     /* Test for zero divisor */
     TEST_EQUAL( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO,
                mbedtls_mpi_core_get_mont_R2_unsafe( &RR, &N ) );

From 51d638baf6a9081c2a42c845f24cd3591c1c84c5 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Mon, 24 Oct 2022 09:59:44 +0100
Subject: [PATCH 08/10] bignum_core: Style update

'mbedtls_mpi_core_get_mont_R2_unsafe' aligns const
keyword to match the style of the rest of the module.

Documentation is also updated to remove
`MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED`.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 library/bignum_core.c | 2 +-
 library/bignum_core.h | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/library/bignum_core.c b/library/bignum_core.c
index ad22a1542..675eb3070 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -512,7 +512,7 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
 }
 
 int mbedtls_mpi_core_get_mont_R2_unsafe( mbedtls_mpi *X,
-                                         mbedtls_mpi const *N )
+                                         const mbedtls_mpi *N )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
diff --git a/library/bignum_core.h b/library/bignum_core.h
index 9870da41f..f3d460929 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -426,9 +426,8 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
  *                to store the value of Montgomery constant squared.
  * \return        #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero.
  * \return        #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative.
- * \return        #MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED if other operations fail.
  */
 int mbedtls_mpi_core_get_mont_R2_unsafe( mbedtls_mpi *X,
-                                         mbedtls_mpi const *N );
+                                         const mbedtls_mpi *N );
 
 #endif /* MBEDTLS_BIGNUM_CORE_H */

From a081c51cd3aac62f5cc28ed901337762d427cfe1 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Mon, 24 Oct 2022 12:16:28 +0100
Subject: [PATCH 09/10] Renamed mpi_core_get_mont_R2_unsafe_neg ->
 mpi_core_get_mont_r2_unsafe_neg

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 library/bignum_core.c                    |  2 +-
 library/bignum_core.h                    |  2 +-
 tests/suites/test_suite_bignum.function  | 10 ++---
 tests/suites/test_suite_bignum.misc.data | 48 ++++++++++++------------
 4 files changed, 31 insertions(+), 31 deletions(-)

diff --git a/library/bignum_core.c b/library/bignum_core.c
index 675eb3070..963af5b18 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -511,7 +511,7 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
     mbedtls_ct_mpi_uint_cond_assign( AN_limbs, X, T, (unsigned char) ( carry ^ borrow ) );
 }
 
-int mbedtls_mpi_core_get_mont_R2_unsafe( mbedtls_mpi *X,
+int mbedtls_mpi_core_get_mont_r2_unsafe( mbedtls_mpi *X,
                                          const mbedtls_mpi *N )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
diff --git a/library/bignum_core.h b/library/bignum_core.h
index f3d460929..503bc1d33 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -427,7 +427,7 @@ void mbedtls_mpi_core_montmul( mbedtls_mpi_uint *X,
  * \return        #MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if \p N modulus is zero.
  * \return        #MBEDTLS_ERR_MPI_NEGATIVE_VALUE if \p N modulus is negative.
  */
-int mbedtls_mpi_core_get_mont_R2_unsafe( mbedtls_mpi *X,
+int mbedtls_mpi_core_get_mont_r2_unsafe( mbedtls_mpi *X,
                                          const mbedtls_mpi *N );
 
 #endif /* MBEDTLS_BIGNUM_CORE_H */
diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function
index b598ea624..fc3e9ef91 100644
--- a/tests/suites/test_suite_bignum.function
+++ b/tests/suites/test_suite_bignum.function
@@ -1416,7 +1416,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mpi_core_get_mont_R2_unsafe_neg(  )
+void mpi_core_get_mont_r2_unsafe_neg(  )
 {
     mbedtls_mpi N, RR;
     mbedtls_mpi_init( &N );
@@ -1425,13 +1425,13 @@ void mpi_core_get_mont_R2_unsafe_neg(  )
 
     /* Test for zero divisor */
     TEST_EQUAL( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO,
-               mbedtls_mpi_core_get_mont_R2_unsafe( &RR, &N ) );
+               mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
 
     /* Test for negative input */
     TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, n ) );
     N.s = -1;
     TEST_EQUAL( MBEDTLS_ERR_MPI_NEGATIVE_VALUE,
-               mbedtls_mpi_core_get_mont_R2_unsafe( &RR, &N ) );
+               mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
     N.s = 1;
 
 exit:
@@ -1441,7 +1441,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mpi_core_get_mont_R2_unsafe( char * input_N,
+void mpi_core_get_mont_r2_unsafe( char * input_N,
                                   char * input_RR_X4,
                                   char * input_RR_X8 )
 {
@@ -1463,7 +1463,7 @@ void mpi_core_get_mont_R2_unsafe( char * input_N,
     TEST_EQUAL( 1, sign_is_valid( &RR_REF ) );
 
     /* Test valid input */
-    TEST_EQUAL( 0, mbedtls_mpi_core_get_mont_R2_unsafe( &RR, &N ) );
+    TEST_EQUAL( 0, mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
 
     /* Test that the moduli is odd */
     TEST_EQUAL( N.p[0] ^ 1, N.p[0] - 1 );
diff --git a/tests/suites/test_suite_bignum.misc.data b/tests/suites/test_suite_bignum.misc.data
index 3aec84d19..f3522df8a 100644
--- a/tests/suites/test_suite_bignum.misc.data
+++ b/tests/suites/test_suite_bignum.misc.data
@@ -1902,41 +1902,41 @@ mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 MPI random bad arguments: min > N = 1, 0 limb in upper bound
 mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 
-mbedtls_mpi_core_get_mont_R2_unsafe_neg
-mpi_core_get_mont_R2_unsafe_neg:
+mbedtls_mpi_core_get_mont_r2_unsafe_neg
+mpi_core_get_mont_r2_unsafe_neg:
 
-mbedtls_mpi_core_get_mont_R2_unsafe #1
-mpi_core_get_mont_R2_unsafe:"f":"1":"1"
+mbedtls_mpi_core_get_mont_r2_unsafe #1
+mpi_core_get_mont_r2_unsafe:"f":"1":"1"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #2
-mpi_core_get_mont_R2_unsafe:"fd":"ec":"24"
+mbedtls_mpi_core_get_mont_r2_unsafe #2
+mpi_core_get_mont_r2_unsafe:"fd":"ec":"24"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #3
-mpi_core_get_mont_R2_unsafe:"eeff99aa37":"a23bd6a686":"a23bd6a686"
+mbedtls_mpi_core_get_mont_r2_unsafe #3
+mpi_core_get_mont_r2_unsafe:"eeff99aa37":"a23bd6a686":"a23bd6a686"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #4
-mpi_core_get_mont_R2_unsafe:"eeff99aa11":"3308cb71":"3308cb71"
+mbedtls_mpi_core_get_mont_r2_unsafe #4
+mpi_core_get_mont_r2_unsafe:"eeff99aa11":"3308cb71":"3308cb71"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #5
-mpi_core_get_mont_R2_unsafe:"800000000005":"6400000000":"6400000000"
+mbedtls_mpi_core_get_mont_r2_unsafe #5
+mpi_core_get_mont_r2_unsafe:"800000000005":"6400000000":"6400000000"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #6
-mpi_core_get_mont_R2_unsafe:"7fffffffffffffff":"4":"4"
+mbedtls_mpi_core_get_mont_r2_unsafe #6
+mpi_core_get_mont_r2_unsafe:"7fffffffffffffff":"4":"4"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #7
-mpi_core_get_mont_R2_unsafe:"80fe000a10000001":"5dbc6e833bad575a":"5dbc6e833bad575a"
+mbedtls_mpi_core_get_mont_r2_unsafe #7
+mpi_core_get_mont_r2_unsafe:"80fe000a10000001":"5dbc6e833bad575a":"5dbc6e833bad575a"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #8
-mpi_core_get_mont_R2_unsafe:"25a55a46e5da99c71c7":"11637ce1347edeaf669":"1e455bf7451c05bc711"
+mbedtls_mpi_core_get_mont_r2_unsafe #8
+mpi_core_get_mont_r2_unsafe:"25a55a46e5da99c71c7":"11637ce1347edeaf669":"1e455bf7451c05bc711"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #9
-mpi_core_get_mont_R2_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1"
+mbedtls_mpi_core_get_mont_r2_unsafe #9
+mpi_core_get_mont_r2_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #10
-mpi_core_get_mont_R2_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa63":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396"
+mbedtls_mpi_core_get_mont_r2_unsafe #10
+mpi_core_get_mont_r2_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa63":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396"
 
-mbedtls_mpi_core_get_mont_R2_unsafe #11
-mpi_core_get_mont_R2_unsafe:"d1cece570f2f991013f26dd5b03c4c5b65f97be5905f36cb4664f2c78ff80aa8135a4aaf57ccb8a0aca2f394909a74cef1ef6758a64d11e2c149c393659d124bfc94196f0ce88f7d7d567efa5a649e2deefaa6e10fdc3deac60d606bf63fc540ac95294347031aefd73d6a9ee10188aaeb7a90d920894553cb196881691cadc51808715a07e8b24fcb1a63df047c7cdf084dd177ba368c806f3d51ddb5d3898c863e687ecaf7d649a57a46264a582f94d3c8f2edaf59f77a7f6bdaf83c991e8f06abe220ec8507386fce8c3da84c6c3903ab8f3ad4630a204196a7dbcbd9bcca4e40ec5cc5c09938d49f5e1e6181db8896f33bb12e6ef73f12ec5c5ea7a8a337":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e"
+mbedtls_mpi_core_get_mont_r2_unsafe #11
+mpi_core_get_mont_r2_unsafe:"d1cece570f2f991013f26dd5b03c4c5b65f97be5905f36cb4664f2c78ff80aa8135a4aaf57ccb8a0aca2f394909a74cef1ef6758a64d11e2c149c393659d124bfc94196f0ce88f7d7d567efa5a649e2deefaa6e10fdc3deac60d606bf63fc540ac95294347031aefd73d6a9ee10188aaeb7a90d920894553cb196881691cadc51808715a07e8b24fcb1a63df047c7cdf084dd177ba368c806f3d51ddb5d3898c863e687ecaf7d649a57a46264a582f94d3c8f2edaf59f77a7f6bdaf83c991e8f06abe220ec8507386fce8c3da84c6c3903ab8f3ad4630a204196a7dbcbd9bcca4e40ec5cc5c09938d49f5e1e6181db8896f33bb12e6ef73f12ec5c5ea7a8a337":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e"
 
 MPI Selftest
 depends_on:MBEDTLS_SELF_TEST

From 37ca3a9acdaa2e7d2f1c991d0616181b84275902 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Tue, 25 Oct 2022 15:59:09 +0100
Subject: [PATCH 10/10] Moved tests from test_suite_bignum to
 test_suite_bignum_core

This patch moves the following tests to test_suite_bignum_core:
* `mbedtls_mpi_core_get_mont_r2_unsafe_neg()`
* `mbedtls_mpi_core_get_mont_r2_unsafe()`

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 tests/suites/test_suite_bignum.function       | 70 -------------------
 tests/suites/test_suite_bignum.misc.data      | 36 ----------
 tests/suites/test_suite_bignum_core.function  | 69 ++++++++++++++++++
 tests/suites/test_suite_bignum_core.misc.data | 36 ++++++++++
 4 files changed, 105 insertions(+), 106 deletions(-)

diff --git a/tests/suites/test_suite_bignum.function b/tests/suites/test_suite_bignum.function
index fc3e9ef91..4cec0a7c7 100644
--- a/tests/suites/test_suite_bignum.function
+++ b/tests/suites/test_suite_bignum.function
@@ -1,6 +1,5 @@
 /* BEGIN_HEADER */
 #include "mbedtls/bignum.h"
-#include "bignum_core.h"
 #include "mbedtls/entropy.h"
 #include "constant_time_internal.h"
 #include "test/constant_flow.h"
@@ -1415,75 +1414,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void mpi_core_get_mont_r2_unsafe_neg(  )
-{
-    mbedtls_mpi N, RR;
-    mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &RR );
-    const char * n = "7ffffffffffffff1";
-
-    /* Test for zero divisor */
-    TEST_EQUAL( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO,
-               mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
-
-    /* Test for negative input */
-    TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, n ) );
-    N.s = -1;
-    TEST_EQUAL( MBEDTLS_ERR_MPI_NEGATIVE_VALUE,
-               mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
-    N.s = 1;
-
-exit:
-    mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &RR );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_core_get_mont_r2_unsafe( char * input_N,
-                                  char * input_RR_X4,
-                                  char * input_RR_X8 )
-{
-    mbedtls_mpi N, RR, RR_REF;
-
-    /* Select the appropriate output */
-    char * input_rr = ( sizeof(mbedtls_mpi_uint) == 4 ) ? input_RR_X4: input_RR_X8;
-
-    mbedtls_mpi_init( &N );
-    mbedtls_mpi_init( &RR );
-    mbedtls_mpi_init( &RR_REF );
-
-    /* Read inputs */
-    TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, input_N ) );
-    TEST_EQUAL( 0, mbedtls_test_read_mpi( &RR_REF, input_rr ) );
-
-    /* All of the inputs are +ve (or zero) */
-    TEST_EQUAL( 1, sign_is_valid( &N ) );
-    TEST_EQUAL( 1, sign_is_valid( &RR_REF ) );
-
-    /* Test valid input */
-    TEST_EQUAL( 0, mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
-
-    /* Test that the moduli is odd */
-    TEST_EQUAL( N.p[0] ^ 1, N.p[0] - 1 );
-
-   /* Output is +ve (or zero) */
-    TEST_EQUAL( 1, sign_is_valid( &RR ) );
-
-    /* rr is updated to a valid pointer */
-    TEST_ASSERT( RR.p != NULL );
-
-    /* Calculated rr matches expected value */
-    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &RR, &RR_REF ) == 0 );
-
-exit:
-    mbedtls_mpi_free( &N );
-    mbedtls_mpi_free( &RR );
-    mbedtls_mpi_free( &RR_REF );
-}
-/* END_CASE */
-
 /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
 void mpi_selftest(  )
 {
diff --git a/tests/suites/test_suite_bignum.misc.data b/tests/suites/test_suite_bignum.misc.data
index f3522df8a..78afcb64c 100644
--- a/tests/suites/test_suite_bignum.misc.data
+++ b/tests/suites/test_suite_bignum.misc.data
@@ -1902,42 +1902,6 @@ mpi_random_fail:2:"01":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 MPI random bad arguments: min > N = 1, 0 limb in upper bound
 mpi_random_fail:2:"000000000000000001":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
 
-mbedtls_mpi_core_get_mont_r2_unsafe_neg
-mpi_core_get_mont_r2_unsafe_neg:
-
-mbedtls_mpi_core_get_mont_r2_unsafe #1
-mpi_core_get_mont_r2_unsafe:"f":"1":"1"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #2
-mpi_core_get_mont_r2_unsafe:"fd":"ec":"24"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #3
-mpi_core_get_mont_r2_unsafe:"eeff99aa37":"a23bd6a686":"a23bd6a686"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #4
-mpi_core_get_mont_r2_unsafe:"eeff99aa11":"3308cb71":"3308cb71"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #5
-mpi_core_get_mont_r2_unsafe:"800000000005":"6400000000":"6400000000"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #6
-mpi_core_get_mont_r2_unsafe:"7fffffffffffffff":"4":"4"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #7
-mpi_core_get_mont_r2_unsafe:"80fe000a10000001":"5dbc6e833bad575a":"5dbc6e833bad575a"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #8
-mpi_core_get_mont_r2_unsafe:"25a55a46e5da99c71c7":"11637ce1347edeaf669":"1e455bf7451c05bc711"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #9
-mpi_core_get_mont_r2_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #10
-mpi_core_get_mont_r2_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa63":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396"
-
-mbedtls_mpi_core_get_mont_r2_unsafe #11
-mpi_core_get_mont_r2_unsafe:"d1cece570f2f991013f26dd5b03c4c5b65f97be5905f36cb4664f2c78ff80aa8135a4aaf57ccb8a0aca2f394909a74cef1ef6758a64d11e2c149c393659d124bfc94196f0ce88f7d7d567efa5a649e2deefaa6e10fdc3deac60d606bf63fc540ac95294347031aefd73d6a9ee10188aaeb7a90d920894553cb196881691cadc51808715a07e8b24fcb1a63df047c7cdf084dd177ba368c806f3d51ddb5d3898c863e687ecaf7d649a57a46264a582f94d3c8f2edaf59f77a7f6bdaf83c991e8f06abe220ec8507386fce8c3da84c6c3903ab8f3ad4630a204196a7dbcbd9bcca4e40ec5cc5c09938d49f5e1e6181db8896f33bb12e6ef73f12ec5c5ea7a8a337":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e"
-
 MPI Selftest
 depends_on:MBEDTLS_SELF_TEST
 mpi_selftest:
diff --git a/tests/suites/test_suite_bignum_core.function b/tests/suites/test_suite_bignum_core.function
index fb5fe3ae4..74ee27a0b 100644
--- a/tests/suites/test_suite_bignum_core.function
+++ b/tests/suites/test_suite_bignum_core.function
@@ -766,3 +766,72 @@ exit:
     mbedtls_mpi_free( &R );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_core_get_mont_r2_unsafe_neg(  )
+{
+    mbedtls_mpi N, RR;
+    mbedtls_mpi_init( &N );
+    mbedtls_mpi_init( &RR );
+    const char * n = "7ffffffffffffff1";
+
+    /* Test for zero divisor */
+    TEST_EQUAL( MBEDTLS_ERR_MPI_DIVISION_BY_ZERO,
+               mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
+
+    /* Test for negative input */
+    TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, n ) );
+    N.s = -1;
+    TEST_EQUAL( MBEDTLS_ERR_MPI_NEGATIVE_VALUE,
+               mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
+    N.s = 1;
+
+exit:
+    mbedtls_mpi_free( &N );
+    mbedtls_mpi_free( &RR );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_core_get_mont_r2_unsafe( char * input_N,
+                                  char * input_RR_X4,
+                                  char * input_RR_X8 )
+{
+    mbedtls_mpi N, RR, RR_REF;
+
+    /* Select the appropriate output */
+    char * input_rr = ( sizeof(mbedtls_mpi_uint) == 4 ) ? input_RR_X4: input_RR_X8;
+
+    mbedtls_mpi_init( &N );
+    mbedtls_mpi_init( &RR );
+    mbedtls_mpi_init( &RR_REF );
+
+    /* Read inputs */
+    TEST_EQUAL( 0, mbedtls_test_read_mpi( &N, input_N ) );
+    TEST_EQUAL( 0, mbedtls_test_read_mpi( &RR_REF, input_rr ) );
+
+    /* All of the inputs are +ve (or zero) */
+    TEST_EQUAL( 1, N.s );
+    TEST_EQUAL( 1, RR_REF.s );
+
+    /* Test valid input */
+    TEST_EQUAL( 0, mbedtls_mpi_core_get_mont_r2_unsafe( &RR, &N ) );
+
+    /* Test that the moduli is odd */
+    TEST_EQUAL( N.p[0] ^ 1, N.p[0] - 1 );
+
+   /* Output is +ve (or zero) */
+    TEST_EQUAL( 1, RR_REF.s );
+
+    /* rr is updated to a valid pointer */
+    TEST_ASSERT( RR.p != NULL );
+
+    /* Calculated rr matches expected value */
+    TEST_ASSERT( mbedtls_mpi_cmp_mpi( &RR, &RR_REF ) == 0 );
+
+exit:
+    mbedtls_mpi_free( &N );
+    mbedtls_mpi_free( &RR );
+    mbedtls_mpi_free( &RR_REF );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_bignum_core.misc.data b/tests/suites/test_suite_bignum_core.misc.data
index cb6fe424b..a8fe9ab9d 100644
--- a/tests/suites/test_suite_bignum_core.misc.data
+++ b/tests/suites/test_suite_bignum_core.misc.data
@@ -328,3 +328,39 @@ mpi_montg_init:"baea2d65939296fc2536f18f2a4042a741f33088ecd5000e76c67a466e7a1e69
 
 mbedtls_mpi_montg_init #15
 mpi_montg_init:"bf741f75e28a44e271cf43e68dbadd23c72d2f2e1fc78a6d6aaaadf2ccbf26c9a232aff5b3f3f29323b114f3018144ed9438943e07820e222137d3bb229b61671e61f75f6021a26436df9e669929fa392df021f105d2fce0717468a522018721ccde541b9a7b558128419f457ef33a5753f00c20c2d709727eef6278c55b278b10abe1d13e538514128b5dcb7bfd015e0fdcb081555071813974135d5ab5000630a94f5b0f4021a504ab4f3df2403e6140b9939f8bbe714635f5cff10744be03":"aab901da57bba355"
+
+mbedtls_mpi_core_get_mont_r2_unsafe_neg
+mpi_core_get_mont_r2_unsafe_neg:
+
+mbedtls_mpi_core_get_mont_r2_unsafe #1
+mpi_core_get_mont_r2_unsafe:"f":"1":"1"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #2
+mpi_core_get_mont_r2_unsafe:"fd":"ec":"24"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #3
+mpi_core_get_mont_r2_unsafe:"eeff99aa37":"a23bd6a686":"a23bd6a686"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #4
+mpi_core_get_mont_r2_unsafe:"eeff99aa11":"3308cb71":"3308cb71"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #5
+mpi_core_get_mont_r2_unsafe:"800000000005":"6400000000":"6400000000"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #6
+mpi_core_get_mont_r2_unsafe:"7fffffffffffffff":"4":"4"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #7
+mpi_core_get_mont_r2_unsafe:"80fe000a10000001":"5dbc6e833bad575a":"5dbc6e833bad575a"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #8
+mpi_core_get_mont_r2_unsafe:"25a55a46e5da99c71c7":"11637ce1347edeaf669":"1e455bf7451c05bc711"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #9
+mpi_core_get_mont_r2_unsafe:"314dc643fb763f2b8c0e2de00879":"1058ad82120c3a10196bb36229c1":"1058ad82120c3a10196bb36229c1"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #10
+mpi_core_get_mont_r2_unsafe:"8335616aed761f1f7f44e6bd49e807b82e3bf2bf11bfa63":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396":"5d96a26447dca0cb7209c048f9e63e8dc623d67c8f44396"
+
+mbedtls_mpi_core_get_mont_r2_unsafe #11
+mpi_core_get_mont_r2_unsafe:"d1cece570f2f991013f26dd5b03c4c5b65f97be5905f36cb4664f2c78ff80aa8135a4aaf57ccb8a0aca2f394909a74cef1ef6758a64d11e2c149c393659d124bfc94196f0ce88f7d7d567efa5a649e2deefaa6e10fdc3deac60d606bf63fc540ac95294347031aefd73d6a9ee10188aaeb7a90d920894553cb196881691cadc51808715a07e8b24fcb1a63df047c7cdf084dd177ba368c806f3d51ddb5d3898c863e687ecaf7d649a57a46264a582f94d3c8f2edaf59f77a7f6bdaf83c991e8f06abe220ec8507386fce8c3da84c6c3903ab8f3ad4630a204196a7dbcbd9bcca4e40ec5cc5c09938d49f5e1e6181db8896f33bb12e6ef73f12ec5c5ea7a8a337":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e":"12d7243d92ebc8338221f6dcec8ad8a2ec64c10a98339c8721beb1cb79e629253a7aa35e25d5421e6c2b43ddc4310cf4443875c070a7a5a5cc2c4c3eefa8a133af2e477fb7bb5b5058c6120946a7f9f08f2fab51e2f243b9ba206d2bfd62e4ef647dda49100d7004794f28172be2d715905fbd2e9ab8588c774523c0e096b49b6855a10e5ce0d8498370949a29d71d293788bf10a71e2447d4b2f11959a72f7290e2950772d14c83f15532468745fa58a83fca8883b0b6169a27ec0cf922c4f39d283bb20fca5ff1de01d9c66b8a710108b951af634d56c843d9505bf2edd5a7b8f0b72a5c95672151e60075a78084e83fbe284617a90c74c8335cce38bb012e"