From 72b69e380857075c3463ab9ec767e39c201b66ac Mon Sep 17 00:00:00 2001
From: Brian Murray <Brian@Clover.com>
Date: Tue, 13 Sep 2016 14:21:01 -0700
Subject: [PATCH] Minor fixes to comments

---
 include/mbedtls/cmac.h | 13 +++++++------
 library/cmac.c         |  2 +-
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 10c8633c9..325d22d51 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -57,7 +57,8 @@ void mbedtls_cmac_init( mbedtls_cmac_context *ctx );
  * \brief           Initialize the CMAC context
  *
  * \param ctx       CMAC context to be initialized
- * \param cipher    cipher to use
+ * \param cipher    cipher to use.  
+                    Cipher block size must be 8 bytes or 16 bytes.
  * \param key       encryption key
  * \param keybits   encryption key size in bits (must be acceptable by the cipher)
  *
@@ -84,8 +85,8 @@ void mbedtls_cmac_free( mbedtls_cmac_context *ctx );
  * \param in_len    length of the input data in bytes
  * \param tag       buffer for holding the generated tag
  * \param tag_len   length of the tag to generate in bytes
- *                  Must be 2, 4, 6, 8 if cipher block size is 64
- *                  Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 128
+ *                  Must be 2, 4, 6, 8 if cipher block size is 8
+ *                  Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 16
  *
  * \return          0 if successful
  */
@@ -101,8 +102,8 @@ int mbedtls_cmac_generate( mbedtls_cmac_context *ctx,
  * \param in_len    length of the input data in bytes
  * \param tag       buffer holding the tag to verify
  * \param tag_len   length of the tag to verify in bytes
- *                  Must be 2, 4, 6, 8 if cipher block size is 64
- *                  Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 128
+ *                  Must be 2, 4, 6, 8 if cipher block size is 8
+ *                  Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 16
  * \return          0 if successful and authenticated
  *                  MBEDTLS_ERR_CMAC_VERIFY_FAILED if tag does not match
  */
@@ -119,7 +120,7 @@ int mbedtls_cmac_verify( mbedtls_cmac_context *ctx,
  * \param key_len   PRF key length
  * \param input     buffer holding the input data
  * \param in_len    length of the input data in bytes
- * \param tag       buffer holding the tag to verify (16 bytes)
+ * \param tag       buffer holding the generated pseudorandom output
  *
  * \return          0 if successful
  */
diff --git a/library/cmac.c b/library/cmac.c
index e57e024bb..920c23d6a 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -64,7 +64,7 @@ void mbedtls_cmac_init( mbedtls_cmac_context *ctx )
 /*
  * Multiplication by u in the Galois field of GF(2^n)
  *
- * As explained in the paper, this can be computed:
+ * As explained in NIST SP 800-38B, this can be computed:
  * If MSB(p) = 0, then p = (p << 1)
  * If MSB(p) = 1, then p = (p << 1) ^ R_n
  * with R_64 = 0x1B and  R_128 = 0x87