symm/gaead.h: Specify a flag for `AEAD' schemes which don't do AAD.

This is a useful shape, and, in particular, it covers the NaCl
`crypto_secretbox' transform.

diff --git a/symm/gaead.h b/symm/gaead.h
index cad250c..33feb36 100644 (file)
--- a/symm/gaead.h
+++ b/symm/gaead.h
@@ -124,7 +124,8 @@ typedef struct gaead_aadops {
 
   void (*hash)(gaead_aad */*a*/, const void */*h*/, size_t /*hsz*/);
        /* Feed header (additional authenticated) data into the AAD-hashing
-        * object.
+        * object.  If the @AEADF_NOAAD@ class flag is set then @hsz@ must be
+        * zero.
         */
 
   void (*destroy)(gaead_aad */*a*/);
@@ -262,6 +263,7 @@ typedef struct gcaead {
 #define AEADF_PCTSZ 4u                 /*   Precommit to tag size */
 #define AEADF_AADNDEP 8u               /*   AAD hash is nonce-dependent */
 #define AEADF_AADFIRST 16u             /*   AAD must precede msg/ct */
+#define AEADF_NOAAD 32u                        /*   AAD is not permitted */
 
   gaead_key *(*key)(const void */*k*/, size_t /*ksz*/);
        /* Return a key object (above) with the given key material. */