// GoGOST -- Pure Go GOST cryptographic functions library
-// Copyright (C) 2015-2019 Sergey Matveev <stargrave@stargrave.org>
+// Copyright (C) 2015-2020 Sergey Matveev <stargrave@stargrave.org>
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
func NewMGM(cipher cipher.Block, tagSize int) (cipher.AEAD, error) {
blockSize := cipher.BlockSize()
if !(blockSize == 8 || blockSize == 16) {
- return nil, errors.New("MGM supports only 64/128 blocksizes")
+ return nil, errors.New("gogost/mgm: only 64/128 blocksizes allowed")
}
if tagSize < 4 || tagSize > blockSize {
- return nil, errors.New("invalid tag size")
+ return nil, errors.New("gogost/mgm: invalid tag size")
}
mgm := MGM{
maxSize: uint64(1<<uint(blockSize*8/2) - 1),
copy(mgm.icn, nonce)
mgm.auth(mgm.sum, ct, additionalData)
if !hmac.Equal(mgm.sum[:mgm.tagSize], ciphertext[len(ciphertext)-mgm.tagSize:]) {
- return nil, errors.New("invalid authentication tag")
+ return nil, errors.New("gogost/mgm: invalid authentication tag")
}
mgm.crypt(out, ct)
return ret, nil