From 9f4db5004ef6239c8f50bae16df0e9df3bed4417 Mon Sep 17 00:00:00 2001 From: Mark Wooding Date: Tue, 16 Jan 2024 14:01:01 +0000 Subject: [PATCH] symm/gcm-*.S (mul256): Label the partial-product terms correctly. Two problems in three letters: * the middle term was written as `d', rather than `b' as introduced in the previous paragraph; and * the three are listed in the wrong order. --- symm/gcm-arm-crypto.S | 2 +- symm/gcm-arm64-pmull.S | 2 +- symm/gcm-x86ish-pclmul.S | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/symm/gcm-arm-crypto.S b/symm/gcm-arm-crypto.S index 166a5b74..8861e601 100644 --- a/symm/gcm-arm-crypto.S +++ b/symm/gcm-arm-crypto.S @@ -415,7 +415,7 @@ // // q = r s = (u_0 + u_1) (v_0 + v_1) // = (u_0 v_0) + (u1 v_1) + (u_0 v_1 + u_1 v_0) - // = a + d + c + // = a + c + b // // The first two terms we've already calculated; the last is the // remaining one we want. We'll set B = t^128. We know how to do diff --git a/symm/gcm-arm64-pmull.S b/symm/gcm-arm64-pmull.S index 97bb3bf2..dcd8c450 100644 --- a/symm/gcm-arm64-pmull.S +++ b/symm/gcm-arm64-pmull.S @@ -338,7 +338,7 @@ // // q = r s = (u_0 + u_1) (v_0 + v_1) // = (u_0 v_0) + (u1 v_1) + (u_0 v_1 + u_1 v_0) - // = a + d + c + // = a + c + b // // The first two terms we've already calculated; the last is the // remaining one we want. We'll set B = t^128. We know how to do diff --git a/symm/gcm-x86ish-pclmul.S b/symm/gcm-x86ish-pclmul.S index 5f0c7545..d56cfd16 100644 --- a/symm/gcm-x86ish-pclmul.S +++ b/symm/gcm-x86ish-pclmul.S @@ -559,7 +559,7 @@ // // q = r s = (u_0 + u_1) (v_0 + v_1) // = (u_0 v_0) + (u1 v_1) + (u_0 v_1 + u_1 v_0) - // = a + d + c + // = a + c + b // // The first two terms we've already calculated; the last is the // remaining one we want. We'll set B = t^128. We know how to do -- 2.11.0
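Review bot: The unchanged context line directly above the corrected one still reads `(u1 v_1)`, without the underscore that every other subscript in this derivation uses (`u_0`, `u_1`, `v_0`, `v_1`). Since the patch is already correcting the labelling in this comment, change it to `(u_1 v_1)` in the same commit. The stray `u1` appears in all three hunks (symm/gcm-arm-crypto.S, symm/gcm-arm64-pmull.S and symm/gcm-x86ish-pclmul.S), so the fix is needed in each file. The new ordering `a + c + b` does agree with the following context line, "The first two terms we've already calculated; the last is the remaining one we want", with the cross term `(u_0 v_1 + u_1 v_0)` now last.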