Lines Matching defs:phi
33 * We want to invert e modulo phi = (p-1)(q-1). This first
34 * requires computing phi, which is easy since we have the factors
37 * Since p = 3 mod 4 and q = 3 mod 4, phi/4 is an odd integer.
38 * We could invert e modulo phi/4 then patch the result to
39 * modulo phi, but this would involve assembling three modulus-wide
40 * values (phi/4, 1 and e) and calling moddiv, that requires
47 * - We compute phi = k*e + r (Euclidean division of phi by e).
49 * invertible modulo phi). We also have k != 0 since we
58 * the above implies d < r + e*((phi-r)/e) = phi
62 uint32_t *p, *q, *k, *m, *z, *phi;
117 * Compute phi = (p-1)*(q-1), then move it over p-1 and q-1 (that
125 phi = q + 1 + qlen;
126 br_i31_zero(phi, p[0]);
127 br_i31_mulacc(phi, p, q);
128 len = (phi[0] + 31) >> 5;
129 memmove(tmp, phi, (1 + len) * sizeof *phi);
130 phi = tmp;
131 phi[0] = br_i31_bit_length(phi + 1, len);
132 len = (phi[0] + 31) >> 5;
135 * Divide phi by public exponent e. The final remainder r must be
137 * which we write over phi, since we don't need phi after that.
142 * Upon entry, r < e, and phi[u] < 2^31; hence,
150 lo = (r << 31) + phi[u];
151 phi[u] = br_divrem(hi, lo, e, &r);
156 k = phi;
301 * length is that of phi.