From 2341db5ca10fa3dc1f04d739bd4614e9b3e4e386 Mon Sep 17 00:00:00 2001 From: Patrick Steuer Date: Tue, 21 May 2019 19:10:28 +0200 Subject: [PATCH] s390x assembly pack: allow specifying the tag after aad in aes-ccm 67c81ec311 forgot about s390x Signed-off-by: Patrick Steuer Reviewed-by: Tim Hudson Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/8971) (cherry picked from commit 887e22dd8b6f054e39b2d20fc8870eaba7fc61a8) --- crypto/evp/e_aes.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 55cc4423a7..0dfd1c7dd8 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -2216,9 +2216,6 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (!cctx->aes.ccm.iv_set) return -1; - if (!enc && !cctx->aes.ccm.tag_set) - return -1; - if (out == NULL) { /* Update(): Pass message length. */ if (in == NULL) { @@ -2237,6 +2234,10 @@ static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, return len; } + /* The tag must be set before actually decrypting data */ + if (!enc && !cctx->aes.ccm.tag_set) + return -1; + /* Update(): Process message. */ if (!cctx->aes.ccm.len_set) { -- 2.25.1