diff options
Diffstat (limited to 'lib/cipher_int.c')
-rw-r--r-- | lib/cipher_int.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/lib/cipher_int.c b/lib/cipher_int.c index 40bf64f8bc..b5308aa629 100644 --- a/lib/cipher_int.c +++ b/lib/cipher_int.c @@ -218,6 +218,9 @@ int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle, gnutls_assert(); goto cleanup; } +#ifdef ENABLE_GOST + handle->continuous_mac = !!(me->flags & GNUTLS_MAC_FLAG_CONTINUOUS_MAC); +#endif handle->tag_size = _gnutls_mac_get_algo_len(me); } else if (_gnutls_cipher_algo_is_aead(e)) { @@ -422,15 +425,23 @@ int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void *tag, { if (handle->is_mac) { #ifdef ENABLE_SSL3 - int ret; - if (handle->ssl_hmac) { - ret = + int ret = _gnutls_mac_output_ssl3(&handle->mac.dig, tag); if (ret < 0) return gnutls_assert_val(ret); } else #endif +#ifdef ENABLE_GOST + /* draft-smyshlyaev-tls12-gost-suites section 4.1.2 */ + if (handle->continuous_mac) { + mac_hd_st temp_mac; + int ret = _gnutls_mac_copy(&handle->mac.mac, &temp_mac); + if (ret < 0) + return gnutls_assert_val(ret); + _gnutls_mac_deinit(&temp_mac, tag); + } else +#endif _gnutls_mac_output(&handle->mac.mac, tag); } else if (_gnutls_cipher_is_aead(&handle->cipher)) { _gnutls_cipher_tag(&handle->cipher, tag, tag_size); |