projects / oweals / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b0ee17a)
Don't require tag before ciphertext in AESGCM mode
authorDr. Stephen Henson <steve@openssl.org>
Tue, 16 Oct 2012 22:46:08 +0000 (22:46 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Mon, 16 Dec 2013 14:08:30 +0000 (14:08 +0000)
(cherry picked from commit 964eaad78ccdc6c4537664924e6082b08cc1c8ee)

crypto/evp/e_aes.c patch | blob | history

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 71f9e037d53d79cdbf5e9ba0c9b73e3811d6d386..45e85047f1750859919de4a45b760ade23bb350c 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -956,8 +956,6 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
        if (!gctx->iv_set)
                return -1;
-       if (!ctx->encrypt && gctx->taglen < 0)
-               return -1;
        if (in)
                {
                if (out == NULL)
@@ -999,6 +997,8 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                {
                if (!ctx->encrypt)
                        {
+                       if (gctx->taglen < 0)
+                               return -1;
                        if (CRYPTO_gcm128_finish(&gctx->gcm,
                                        ctx->buf, gctx->taglen) != 0)
                                return -1;
Unnamed repository; edit this file 'description' to name the repository.