diff options
Diffstat (limited to 'crypto/evp/e_aria.c')
-rw-r--r-- | crypto/evp/e_aria.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index fcaceb3bcadf..1cc6dd91a95a 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -14,10 +14,10 @@ # include <openssl/modes.h> # include <openssl/rand.h> # include <openssl/rand_drbg.h> -# include "internal/aria.h" -# include "internal/evp_int.h" -# include "modes_lcl.h" -# include "evp_locl.h" +# include "crypto/aria.h" +# include "crypto/evp.h" +# include "modes_local.h" +# include "evp_local.h" /* ARIA subkey Structure */ typedef struct { @@ -695,8 +695,6 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (!cctx->iv_set) return -1; - if (!EVP_CIPHER_CTX_encrypting(ctx) && !cctx->tag_set) - return -1; if (!out) { if (!in) { if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), @@ -711,6 +709,11 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, CRYPTO_ccm128_aad(ccm, in, len); return len; } + + /* The tag must be set before actually decrypting data */ + if (!EVP_CIPHER_CTX_encrypting(ctx) && !cctx->tag_set) + return -1; + /* If not set length yet do it */ if (!cctx->len_set) { if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx), |