The branch OpenSSL_1_1_1-stable has been updated
via 2341db5ca10fa3dc1f04d739bd4614e9b3e4e386 (commit)
from 408cb4c88875e70dcb6acfceb8e1a74714e26be4 (commit)
- Log -----------------------------------------------------------------
commit 2341db5ca10fa3dc1f04d739bd4614e9b3e4e386
Author: Patrick Steuer <patrick.ste...@de.ibm.com>
Date: Tue May 21 19:10:28 2019 +0200
s390x assembly pack: allow specifying the tag after aad in aes-ccm
67c81ec311 forgot about s390x
Signed-off-by: Patrick Steuer <patrick.ste...@de.ibm.com>
Reviewed-by: Tim Hudson <t...@openssl.org>
Reviewed-by: Shane Lontis <shane.lon...@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8971)
(cherry picked from commit 887e22dd8b6f054e39b2d20fc8870eaba7fc61a8)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/e_aes.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 55cc442..0dfd1c7 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -2216,9 +2216,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx,
unsigned char *out,
if (!cctx->aes.ccm.iv_set)
return -1;
- if (!enc && !cctx->aes.ccm.tag_set)
- return -1;
-
if (out == NULL) {
/* Update(): Pass message length. */
if (in == NULL) {
@@ -2237,6 +2234,10 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx,
unsigned char *out,
return len;
}
+ /* The tag must be set before actually decrypting data */
+ if (!enc && !cctx->aes.ccm.tag_set)
+ return -1;
+
/* Update(): Process message. */
if (!cctx->aes.ccm.len_set) {
