Make EVP_*Final work for CCM ciphers

author Dr. Stephen Henson <steve@openssl.org>

Fri, 3 Feb 2017 02:47:56 +0000 (02:47 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Wed, 8 Feb 2017 02:16:27 +0000 (02:16 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Fri, 3 Feb 2017 02:47:56 +0000 (02:47 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 8 Feb 2017 02:16:27 +0000 (02:16 +0000)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c

index 857a402f8f40b992673c0beeaba8c7bede7d925c..451d32d099b343486c7a00a2571cf08d6b7faf01 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -2129,6 +2129,10 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
      if (cctx->tls_aad_len >= 0)
          return aes_ccm_tls_cipher(ctx, out, in, len);
  
+    /* EVP_*Final() doesn't return any data */
+    if (in == NULL && out != NULL)
+        return 0;
+
      if (!cctx->iv_set)
          return -1;
  
@@ -2148,9 +2152,6 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
          CRYPTO_ccm128_aad(ccm, in, len);
          return len;
      }
-    /* EVP_*Final() doesn't return any data */
-    if (!in)
-        return 0;
      /* If not set length yet do it */
      if (!cctx->len_set) {
          if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx),
author	Dr. Stephen Henson <steve@openssl.org>
	Fri, 3 Feb 2017 02:47:56 +0000 (02:47 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 8 Feb 2017 02:16:27 +0000 (02:16 +0000)