Commit 63be5b53 authored by Eric Biggers's avatar Eric Biggers Committed by Herbert Xu

crypto: gf128mul - fix some comments

Fix incorrect references to GF(128) instead of GF(2^128), as these are
two entirely different fields, and fix a few other incorrect comments.

Cc: Alex Cope <alexcope@google.com>
Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 28b62b14
...@@ -44,7 +44,7 @@ ...@@ -44,7 +44,7 @@
--------------------------------------------------------------------------- ---------------------------------------------------------------------------
Issue 31/01/2006 Issue 31/01/2006
This file provides fast multiplication in GF(128) as required by several This file provides fast multiplication in GF(2^128) as required by several
cryptographic authentication modes cryptographic authentication modes
*/ */
...@@ -116,9 +116,10 @@ ...@@ -116,9 +116,10 @@
static const u16 gf128mul_table_lle[256] = gf128mul_dat(xda_lle); static const u16 gf128mul_table_lle[256] = gf128mul_dat(xda_lle);
static const u16 gf128mul_table_bbe[256] = gf128mul_dat(xda_bbe); static const u16 gf128mul_table_bbe[256] = gf128mul_dat(xda_bbe);
/* These functions multiply a field element by x, by x^4 and by x^8 /*
* in the polynomial field representation. It uses 32-bit word operations * The following functions multiply a field element by x or by x^8 in
* to gain speed but compensates for machine endianess and hence works * the polynomial field representation. They use 64-bit word operations
* to gain speed but compensate for machine endianness and hence work
* correctly on both styles of machine. * correctly on both styles of machine.
*/ */
...@@ -251,7 +252,7 @@ EXPORT_SYMBOL(gf128mul_bbe); ...@@ -251,7 +252,7 @@ EXPORT_SYMBOL(gf128mul_bbe);
/* This version uses 64k bytes of table space. /* This version uses 64k bytes of table space.
A 16 byte buffer has to be multiplied by a 16 byte key A 16 byte buffer has to be multiplied by a 16 byte key
value in GF(128). If we consider a GF(128) value in value in GF(2^128). If we consider a GF(2^128) value in
the buffer's lowest byte, we can construct a table of the buffer's lowest byte, we can construct a table of
the 256 16 byte values that result from the 256 values the 256 16 byte values that result from the 256 values
of this byte. This requires 4096 bytes. But we also of this byte. This requires 4096 bytes. But we also
...@@ -330,7 +331,7 @@ EXPORT_SYMBOL(gf128mul_64k_bbe); ...@@ -330,7 +331,7 @@ EXPORT_SYMBOL(gf128mul_64k_bbe);
/* This version uses 4k bytes of table space. /* This version uses 4k bytes of table space.
A 16 byte buffer has to be multiplied by a 16 byte key A 16 byte buffer has to be multiplied by a 16 byte key
value in GF(128). If we consider a GF(128) value in a value in GF(2^128). If we consider a GF(2^128) value in a
single byte, we can construct a table of the 256 16 byte single byte, we can construct a table of the 256 16 byte
values that result from the 256 values of this byte. values that result from the 256 values of this byte.
This requires 4096 bytes. If we take the highest byte in This requires 4096 bytes. If we take the highest byte in
......
...@@ -43,7 +43,7 @@ ...@@ -43,7 +43,7 @@
--------------------------------------------------------------------------- ---------------------------------------------------------------------------
Issue Date: 31/01/2006 Issue Date: 31/01/2006
An implementation of field multiplication in Galois Field GF(128) An implementation of field multiplication in Galois Field GF(2^128)
*/ */
#ifndef _CRYPTO_GF128MUL_H #ifndef _CRYPTO_GF128MUL_H
...@@ -65,7 +65,7 @@ ...@@ -65,7 +65,7 @@
* are left and the lsb's are right. char b[16] is an array and b[0] is * are left and the lsb's are right. char b[16] is an array and b[0] is
* the first octet. * the first octet.
* *
* 80000000 00000000 00000000 00000000 .... 00000000 00000000 00000000 * 10000000 00000000 00000000 00000000 .... 00000000 00000000 00000000
* b[0] b[1] b[2] b[3] b[13] b[14] b[15] * b[0] b[1] b[2] b[3] b[13] b[14] b[15]
* *
* Every bit is a coefficient of some power of X. We can store the bits * Every bit is a coefficient of some power of X. We can store the bits
...@@ -85,15 +85,17 @@ ...@@ -85,15 +85,17 @@
* Both of the above formats are easy to implement on big-endian * Both of the above formats are easy to implement on big-endian
* machines. * machines.
* *
* EME (which is patent encumbered) uses the ble format (bits are stored * XTS and EME (the latter of which is patent encumbered) use the ble
* in big endian order and the bytes in little endian). The above buffer * format (bits are stored in big endian order and the bytes in little
* represents X^7 in this case and the primitive polynomial is b[0] = 0x87. * endian). The above buffer represents X^7 in this case and the
* primitive polynomial is b[0] = 0x87.
* *
* The common machine word-size is smaller than 128 bits, so to make * The common machine word-size is smaller than 128 bits, so to make
* an efficient implementation we must split into machine word sizes. * an efficient implementation we must split into machine word sizes.
* This file uses one 32bit for the moment. Machine endianness comes into * This implementation uses 64-bit words for the moment. Machine
* play. The lle format in relation to machine endianness is discussed * endianness comes into play. The lle format in relation to machine
* below by the original author of gf128mul Dr Brian Gladman. * endianness is discussed below by the original author of gf128mul Dr
* Brian Gladman.
* *
* Let's look at the bbe and ble format on a little endian machine. * Let's look at the bbe and ble format on a little endian machine.
* *
...@@ -127,10 +129,10 @@ ...@@ -127,10 +129,10 @@
* machines this will automatically aligned to wordsize and on a 64-bit * machines this will automatically aligned to wordsize and on a 64-bit
* machine also. * machine also.
*/ */
/* Multiply a GF128 field element by x. Field elements are held in arrays /* Multiply a GF(2^128) field element by x. Field elements are
of bytes in which field bits 8n..8n + 7 are held in byte[n], with lower held in arrays of bytes in which field bits 8n..8n + 7 are held in
indexed bits placed in the more numerically significant bit positions byte[n], with lower indexed bits placed in the more numerically
within bytes. significant bit positions within bytes.
On little endian machines the bit indexes translate into the bit On little endian machines the bit indexes translate into the bit
positions within four 32-bit words in the following way positions within four 32-bit words in the following way
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment