Re: Language bindings question

On Dec 27, 2016, at 9:57 AM, Niels Möller nisse@lysator.liu.se wrote:

Ron Frederick ronf@timeheart.net writes:

...

Do any of the AEAD functions modify the nonce after it is set?

poly1305_aes_digest also increments the nonce. And it's in the same category as umac: A keyed hash with a per-message nonce. It seems the AEAD functions don't, so it's not entirely consistent.

It looks like poly1305_aes_digest isn’t actually in the set of nettle_aead constructions. So, it probably doesn’t make sense to add a get_nonce() just yet to nettle_aead. If you added a meta structure for keyed hashes, though, it might make sense to have both a set_nonce() and get_nonce(), and just have those be NULL for keyed hashes where there was no nonce.