diff options
author | Patrick Steuer <patrick.steuer@de.ibm.com> | 2019-11-02 00:02:47 +0100 |
---|---|---|
committer | Patrick Steuer <patrick.steuer@de.ibm.com> | 2019-11-20 11:07:07 +0100 |
commit | a13dddea6b71743116e86e39d446b9fb43e1799e (patch) | |
tree | 94237efa80a3175d7eba281cefbfbc4bc0d83ee3 /crypto/evp | |
parent | 62c20887be277df27b287451615c90515784a02b (diff) |
Allow specifying the tag after AAD in CCM mode (2)
In addition to 67c81ec3 which introduced this behavior in CCM mode
docs but only implemented it for AES-CCM.
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10331)
(cherry picked from commit f7382fbbd846dd3bdea6b8c03b6af22faf0ab94f)
Conflicts:
test/recipes/30-test_evp_data/evpciph.txt
Diffstat (limited to 'crypto/evp')
-rw-r--r-- | crypto/evp/e_aria.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index 0bebbb6fc2..1cc6dd91a9 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -695,8 +695,6 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (!cctx->iv_set) return -1; - if (!EVP_CIPHER_CTX_encrypting(ctx) && !cctx->tag_set) - return -1; if (!out) { if (!in) { if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), @@ -711,6 +709,11 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, CRYPTO_ccm128_aad(ccm, in, len); return len; } + + /* The tag must be set before actually decrypting data */ + if (!EVP_CIPHER_CTX_encrypting(ctx) && !cctx->tag_set) + return -1; + /* If not set length yet do it */ if (!cctx->len_set) { if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), |