git.librecmc.org Git - oweals/openssl.git/commit

author	Tobias Nießen <tniessen@tnie.de>
	Fri, 14 Sep 2018 19:49:34 +0000 (21:49 +0200)
committer	Matt Caswell <matt@openssl.org>
	Wed, 8 May 2019 10:02:42 +0000 (11:02 +0100)
commit	b48e3be947ddc5da6b5a86db8341081c72b9a4ee
tree	23e6e6a8de7359a34b0e1822b861b371f4691fa2	tree \| snapshot
parent	8f506274029903457c5f1d8663a012763f55cd37	commit \| diff

Allow specifying the tag after AAD in CCM mode

This change allows to pass the authentication tag after specifying
the AAD in CCM mode. This is already true for the other two supported
AEAD modes (GCM and OCB) and it seems appropriate to match the
behavior.

GCM and OCB also support to set the tag at any point before the call
to `EVP_*Final`, but this won't work for CCM due to a restriction
imposed by section 2.6 of RFC3610: The tag must be set before
actually decrypting data.

This commit also adds a test case for setting the tag after supplying
plaintext length and AAD.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7243)

(cherry picked from commit 67c81ec311d696464bdbf4c6d6f8a887a3ddf9f8)

crypto/evp/e_aes.c		diff \| blob \| history
doc/man3/EVP_EncryptInit.pod		diff \| blob \| history
test/evp_test.c		diff \| blob \| history
test/recipes/30-test_evp_data/evpciph.txt		diff \| blob \| history