s390x assembly pack: allow specifying the tag after aad in aes-ccm

67c81ec311 forgot about s390x Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8971)
author: Patrick Steuer <patrick.steuer@de.ibm.com> 2019-05-21 19:10:28 +0200
committer: Patrick Steuer <patrick.steuer@de.ibm.com> 2019-05-22 10:57:50 +0200
commit: 887e22dd8b6f054e39b2d20fc8870eaba7fc61a8 (patch)
tree: f072da0489f1fe7d5805919da4ff76d0daa79bc6 /crypto/evp
parent: da89ac0b25c5198bb0d707d7545bea7bc1c5a01e (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 6d8d4370a7..c9dbca98d7 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -2264,9 +2264,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     if (!cctx->aes.ccm.iv_set)
         return -1;
 
-    if (!enc && !cctx->aes.ccm.tag_set)
-        return -1;
-
     if (out == NULL) {
         /* Update(): Pass message length. */
         if (in == NULL) {
@@ -2285,6 +2282,10 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         return len;
     }
 
+    /* The tag must be set before actually decrypting data */
+    if (!enc && !cctx->aes.ccm.tag_set)
+        return -1;
+
     /* Update(): Process message. */
 
     if (!cctx->aes.ccm.len_set) {
author	Patrick Steuer <patrick.steuer@de.ibm.com>	2019-05-21 19:10:28 +0200
committer	Patrick Steuer <patrick.steuer@de.ibm.com>	2019-05-22 10:57:50 +0200
commit	887e22dd8b6f054e39b2d20fc8870eaba7fc61a8 (patch)
tree	f072da0489f1fe7d5805919da4ff76d0daa79bc6 /crypto/evp
parent	da89ac0b25c5198bb0d707d7545bea7bc1c5a01e (diff)