From 7ad363791ebf9c1f45ae6b99b49540d442850ba9 Mon Sep 17 00:00:00 2001
From: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date: Thu, 18 May 2017 04:09:51 +0300
Subject: Support GOST cipher suite MAC calculation

GOST ciphersuites require that MAC is calculated over _all_ packets,
rather than just current packet. Add flag to auth_cipher_hd_st
controlling this behaviour.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
---
 lib/gnutls_int.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib/gnutls_int.h')

diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index ea9d00852a..5f1a915a14 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -694,6 +694,7 @@ typedef struct gnutls_group_entry_st {
 } gnutls_group_entry_st;
 
 #define GNUTLS_MAC_FLAG_PREIMAGE_INSECURE	1  /* if this algorithm should not be trusted for pre-image attacks */
+#define GNUTLS_MAC_FLAG_CONTINUOUS_MAC		(1 << 1) /* if this MAC should be used in a 'continuous' way in TLS */
 /* This structure is used both for MACs and digests
  */
 typedef struct mac_entry_st {
-- 
cgit v1.2.1