Daiki Ueno ueno@gnu.org writes:
Comment says "suggested nonce_size", but I take it only that one size is possible, since set_nonce is nettle_set_key_func, with no length argument. Or do you intend to allow other sizes?
I think I'd prefer fix size, to keep things simple. And treat variants with different nonce size as separate mac algorithms, for this abstraction. Just like with the key size.
I think fixed size would be sufficient (the code was merely copied from the nettle_aead definition).
Good.
Provided that the two types of MACs (nonces are required or not) are supposedly not intermixed, another option might be to provide a separate struct (say, nettle_nmac) for MACs that require nonces (UMAC and GMAC, not sure if there will be more to come), and mandate set_nonce != NULL:
- nettle_mac (from the testutils.h definition) for HMAC, CMAC
- nettle_nmac (nettle_nmac + set_nonce) for UMAC, GMAC
Makes sense. One would then only need a good name. Is there any standard terminology distinguishing between these two variants? But I'm fine with a single struct, provided that it's clearly specified how the set_nonce call is expected to be used.
Regards, /Niels