From: Dr. Stephen Henson Date: Tue, 16 Oct 2012 22:46:40 +0000 (+0000) Subject: Don't require tag before ciphertext in AESGCM mode X-Git-Tag: OpenSSL_1_0_1d~59 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=96f7fafa24313106b121782f1dcf7928dd0838ed;p=oweals%2Fopenssl.git Don't require tag before ciphertext in AESGCM mode --- diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index e4d97dbebd..1bfb5d92b3 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -969,8 +969,6 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (!gctx->iv_set) return -1; - if (!ctx->encrypt && gctx->taglen < 0) - return -1; if (in) { if (out == NULL) @@ -1012,6 +1010,8 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, { if (!ctx->encrypt) { + if (gctx->taglen < 0) + return -1; if (CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0) return -1;