Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 63be5b53 authored by Eric Biggers's avatar Eric Biggers Committed by Herbert Xu
Browse files

crypto: gf128mul - fix some comments 



Fix incorrect references to GF(128) instead of GF(2^128), as these are
two entirely different fields, and fix a few other incorrect comments.

Cc: Alex Cope <alexcope@google.com>
Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 28b62b14

crypto/gf128mul.c

+7 −6
Original line number Diff line number Diff line
@@ -44,7 +44,7 @@ 
 ---------------------------------------------------------------------------

 Issue 31/01/2006



 This file provides fast multiplication in GF(128) as required by several

 This file provides fast multiplication in GF(2^128) as required by several

 cryptographic authentication modes

*/
@@ -116,9 +116,10 @@ 
static const u16 gf128mul_table_lle[256] = gf128mul_dat(xda_lle);

static const u16 gf128mul_table_bbe[256] = gf128mul_dat(xda_bbe);



/* These functions multiply a field element by x, by x^4 and by x^8

 * in the polynomial field representation. It uses 32-bit word operations

 * to gain speed but compensates for machine endianess and hence works

/*

 * The following functions multiply a field element by x or by x^8 in

 * the polynomial field representation.  They use 64-bit word operations

 * to gain speed but compensate for machine endianness and hence work

 * correctly on both styles of machine.

 */
@@ -251,7 +252,7 @@ EXPORT_SYMBOL(gf128mul_bbe); 


/*      This version uses 64k bytes of table space.

    A 16 byte buffer has to be multiplied by a 16 byte key

    value in GF(128).  If we consider a GF(128) value in

    value in GF(2^128).  If we consider a GF(2^128) value in

    the buffer's lowest byte, we can construct a table of

    the 256 16 byte values that result from the 256 values

    of this byte.  This requires 4096 bytes. But we also
@@ -330,7 +331,7 @@ EXPORT_SYMBOL(gf128mul_64k_bbe); 


/*      This version uses 4k bytes of table space.

    A 16 byte buffer has to be multiplied by a 16 byte key

    value in GF(128).  If we consider a GF(128) value in a

    value in GF(2^128).  If we consider a GF(2^128) value in a

    single byte, we can construct a table of the 256 16 byte

    values that result from the 256 values of this byte.

    This requires 4096 bytes. If we take the highest byte in

include/crypto/gf128mul.h

+14 −12
Original line number Diff line number Diff line
@@ -43,7 +43,7 @@ 
 ---------------------------------------------------------------------------

 Issue Date: 31/01/2006



 An implementation of field multiplication in Galois Field GF(128)

 An implementation of field multiplication in Galois Field GF(2^128)

*/



#ifndef _CRYPTO_GF128MUL_H
@@ -65,7 +65,7 @@ 
 * are left and the lsb's are right. char b[16] is an array and b[0] is

 * the first octet.

 *

 * 80000000 00000000 00000000 00000000 .... 00000000 00000000 00000000

 * 10000000 00000000 00000000 00000000 .... 00000000 00000000 00000000

 *   b[0]     b[1]     b[2]     b[3]          b[13]    b[14]    b[15]

 *

 * Every bit is a coefficient of some power of X. We can store the bits
@@ -85,15 +85,17 @@ 
 * Both of the above formats are easy to implement on big-endian

 * machines.

 *

 * EME (which is patent encumbered) uses the ble format (bits are stored

 * in big endian order and the bytes in little endian). The above buffer

 * represents X^7 in this case and the primitive polynomial is b[0] = 0x87.

 * XTS and EME (the latter of which is patent encumbered) use the ble

 * format (bits are stored in big endian order and the bytes in little

 * endian). The above buffer represents X^7 in this case and the

 * primitive polynomial is b[0] = 0x87.

 *

 * The common machine word-size is smaller than 128 bits, so to make

 * an efficient implementation we must split into machine word sizes.

 * This file uses one 32bit for the moment. Machine endianness comes into

 * play. The lle format in relation to machine endianness is discussed

 * below by the original author of gf128mul Dr Brian Gladman.

 * This implementation uses 64-bit words for the moment. Machine

 * endianness comes into play. The lle format in relation to machine

 * endianness is discussed below by the original author of gf128mul Dr

 * Brian Gladman.

 *

 * Let's look at the bbe and ble format on a little endian machine.

 *
@@ -127,10 +129,10 @@ 
 * machines this will automatically aligned to wordsize and on a 64-bit

 * machine also.

 */

/*	Multiply a GF128 field element by x. Field elements are held in arrays

    of bytes in which field bits 8n..8n + 7 are held in byte[n], with lower

    indexed bits placed in the more numerically significant bit positions

    within bytes.

/*	Multiply a GF(2^128) field element by x. Field elements are

    held in arrays of bytes in which field bits 8n..8n + 7 are held in

    byte[n], with lower indexed bits placed in the more numerically

    significant bit positions within bytes.



    On little endian machines the bit indexes translate into the bit

    positions within four 32-bit words in the following way