Minor fixes to comments
diff --git a/include/mbedtls/cmac.h b/include/mbedtls/cmac.h
index 10c8633..325d22d 100644
--- a/include/mbedtls/cmac.h
+++ b/include/mbedtls/cmac.h
@@ -57,7 +57,8 @@
* \brief Initialize the CMAC context
*
* \param ctx CMAC context to be initialized
- * \param cipher cipher to use
+ * \param cipher cipher to use.
+ Cipher block size must be 8 bytes or 16 bytes.
* \param key encryption key
* \param keybits encryption key size in bits (must be acceptable by the cipher)
*
@@ -84,8 +85,8 @@
* \param in_len length of the input data in bytes
* \param tag buffer for holding the generated tag
* \param tag_len length of the tag to generate in bytes
- * Must be 2, 4, 6, 8 if cipher block size is 64
- * Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 128
+ * Must be 2, 4, 6, 8 if cipher block size is 8
+ * Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 16
*
* \return 0 if successful
*/
@@ -101,8 +102,8 @@
* \param in_len length of the input data in bytes
* \param tag buffer holding the tag to verify
* \param tag_len length of the tag to verify in bytes
- * Must be 2, 4, 6, 8 if cipher block size is 64
- * Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 128
+ * Must be 2, 4, 6, 8 if cipher block size is 8
+ * Must be 2, 4, 6, 8, 10, 12, 14 or 16 if cipher block size is 16
* \return 0 if successful and authenticated
* MBEDTLS_ERR_CMAC_VERIFY_FAILED if tag does not match
*/
@@ -119,7 +120,7 @@
* \param key_len PRF key length
* \param input buffer holding the input data
* \param in_len length of the input data in bytes
- * \param tag buffer holding the tag to verify (16 bytes)
+ * \param tag buffer holding the generated pseudorandom output
*
* \return 0 if successful
*/
diff --git a/library/cmac.c b/library/cmac.c
index e57e024..920c23d 100644
--- a/library/cmac.c
+++ b/library/cmac.c
@@ -64,7 +64,7 @@
/*
* Multiplication by u in the Galois field of GF(2^n)
*
- * As explained in the paper, this can be computed:
+ * As explained in NIST SP 800-38B, this can be computed:
* If MSB(p) = 0, then p = (p << 1)
* If MSB(p) = 1, then p = (p << 1) ^ R_n
* with R_64 = 0x1B and R_128 = 0x87