X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=mgm%2Fmode.go;h=3fdeaba0fbc889ca6baa59c645751bcec9d7e7d4;hb=b465c131a7dc5dd4563cfa85b5629baeaa403f7b;hp=c62e7561ecaa608b2af6b920715f3d37f7c97fc7;hpb=285c03431192ff6ffbfa7470652fd545f06e0b00;p=gogost.git

diff --git a/mgm/mode.go b/mgm/mode.go
index c62e756..3fdeaba 100644
--- a/mgm/mode.go
+++ b/mgm/mode.go
@@ -23,6 +23,8 @@ import (
 "errors"
 )
 
+var InvalidTag = errors.New("gogost/mgm: invalid authentication tag")
+
 type Mul interface {
 Mul(x, y []byte) []byte
 }
@@ -207,6 +209,8 @@ func (mgm *MGM) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
 return ret
 }
 
+// Open the authenticated ciphertext. If authentication tag is invalid,
+// then InvalidTag error is returned.
 func (mgm *MGM) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
 mgm.validateNonce(nonce)
 mgm.validateSizes(ciphertext, additionalData)
@@ -221,7 +225,7 @@ func (mgm *MGM) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, err
 copy(mgm.icn, nonce)
 mgm.auth(mgm.sum, ct, additionalData)
 if !hmac.Equal(mgm.sum[:mgm.TagSize], ciphertext[len(ciphertext)-mgm.TagSize:]) {
-return nil, errors.New("gogost/mgm: invalid authentication tag")
+return nil, InvalidTag
 }
 mgm.crypt(out, ct)
 return ret, nil
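Review bot: The exported sentinel `InvalidTag` added in the first hunk has no doc comment and does not use the `ErrXxx` form that Go readers and linters expect for error variables. This commit is what makes the value public API, so it is the cheapest moment to name it `ErrInvalidTag` (the `return nil, InvalidTag` in the last hunk would follow) and to add `// ErrInvalidTag is returned by Open when the authentication tag does not verify.` The comment could also tell callers to match it with `errors.Is` rather than by message text, since that is the reason for exporting it.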
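Review bot: `ciphertext[len(ciphertext)-mgm.TagSize:]` in the tag comparison of the last hunk panics with a slice-bounds error when the input is shorter than the tag, unless `validateSizes` (not visible here) already enforces a minimum length. Open is the entry point that receives untrusted bytes, so a truncated message should come back as the sentinel error rather than crash the caller; a guard such as `if len(ciphertext) < mgm.TagSize { return nil, InvalidTag }` ahead of the first slice of `ciphertext` would cover it. The lines between the validate calls and `copy(mgm.icn, nonce)` are outside the hunk, so the exact placement has to be checked against the full body. Comparing with `hmac.Equal` before calling `mgm.crypt` is the right order and should stay as it is.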