projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c7d16ac)
Don't require tag before ciphertext in AESGCM mode
authorDr. Stephen Henson <steve@openssl.org>
Tue, 16 Oct 2012 22:46:32 +0000 (22:46 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 16 Oct 2012 22:46:32 +0000 (22:46 +0000)
crypto/evp/e_aes.c patch | blob | history

diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 11d728bbc2b67e5e4bb0012dbe7ab43b9b5b32a3..763b90729e9a724494791640e904363d41bf54bf 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -973,8 +973,6 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
        if (!gctx->iv_set)
                return -1;
-       if (!ctx->encrypt && gctx->taglen < 0)
-               return -1;
        if (in)
                {
                if (out == NULL)
@@ -1016,6 +1014,8 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                {
                if (!ctx->encrypt)
                        {
+                       if (gctx->taglen < 0)
+                               return -1;
                        if (CRYPTO_gcm128_finish(&gctx->gcm,
                                        ctx->buf, gctx->taglen) != 0)
                                return -1;
Unnamed repository; edit this file 'description' to name the repository.