From: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date: Fri, 28 Jun 2019 13:54:30 +0000 (+0300)
Subject: lib: document gnutls_hmac_fast vs nonce relationship
X-Git-Tag: gnutls_3_6_9~20^2
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=7afa9278fce2f0996fa616d4da47f7f106a12673;p=thirdparty%2Fgnutls.git

lib: document gnutls_hmac_fast vs nonce relationship

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
---

diff --git a/lib/crypto-api.c b/lib/crypto-api.c
index 0cd3d21723..8af3f3b7dc 100644
--- a/lib/crypto-api.c
+++ b/lib/crypto-api.c
@@ -464,7 +464,8 @@ unsigned gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm)
  * @digest: is the output value of the hash
  *
  * This convenience function will hash the given data and return output
- * on a single call.
+ * on a single call. Note, this call will not work for MAC algorithms
+ * that require nonce (like UMAC or GMAC).
  *
  * Returns: Zero or a negative error code on error.
  *
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 074967603a..11652a8c2b 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -278,13 +278,13 @@ typedef enum {
  * @GNUTLS_MAC_STREEBOG_256: HMAC GOST R 34.11-2001 (Streebog) algorithm, 256 bit.
  * @GNUTLS_MAC_STREEBOG_512: HMAC GOST R 34.11-2001 (Streebog) algorithm, 512 bit.
  * @GNUTLS_MAC_AEAD: MAC implicit through AEAD cipher.
- * @GNUTLS_MAC_UMAC_96: The UMAC-96 MAC algorithm.
- * @GNUTLS_MAC_UMAC_128: The UMAC-128 MAC algorithm.
+ * @GNUTLS_MAC_UMAC_96: The UMAC-96 MAC algorithm (requires nonce).
+ * @GNUTLS_MAC_UMAC_128: The UMAC-128 MAC algorithm (requires nonce).
  * @GNUTLS_MAC_AES_CMAC_128: The AES-CMAC-128 MAC algorithm.
  * @GNUTLS_MAC_AES_CMAC_256: The AES-CMAC-256 MAC algorithm.
- * @GNUTLS_MAC_AES_GMAC_128: The AES-GMAC-128 MAC algorithm.
- * @GNUTLS_MAC_AES_GMAC_192: The AES-GMAC-192 MAC algorithm.
- * @GNUTLS_MAC_AES_GMAC_256: The AES-GMAC-256 MAC algorithm.
+ * @GNUTLS_MAC_AES_GMAC_128: The AES-GMAC-128 MAC algorithm (requires nonce).
+ * @GNUTLS_MAC_AES_GMAC_192: The AES-GMAC-192 MAC algorithm (requires nonce).
+ * @GNUTLS_MAC_AES_GMAC_256: The AES-GMAC-256 MAC algorithm (requires nonce).
  * @GNUTLS_MAC_SHA3_224: Reserved; unimplemented.
  * @GNUTLS_MAC_SHA3_256: Reserved; unimplemented.
  * @GNUTLS_MAC_SHA3_384: Reserved; unimplemented.