From: Dr. Stephen Henson <steve@openssl.org>
Date: Tue, 9 Jun 2015 22:17:06 +0000 (+0100)
Subject: Relax CCM tag check.
X-Git-Tag: OpenSSL_1_0_1p~6
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=cb6e0ed17a61ae3711d385f517d61be2b4c33a55;p=oweals%2Fopenssl.git

Relax CCM tag check.

In CCM mode don't require a tag before initialising decrypt: this allows
the tag length to be set without requiring the tag.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 9cca7be11d62298b2af0722f94345012c86eaed4)
---

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 1ede7bd39e..a4327fcb05 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -1146,7 +1146,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
     case EVP_CTRL_CCM_SET_TAG:
         if ((arg & 1) || arg < 4 || arg > 16)
             return 0;
-        if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
+        if (c->encrypt && ptr)
             return 0;
         if (ptr) {
             cctx->tag_set = 1;