[openssl] openssl-3.0 update

Matt Caswell matt at openssl.org
Wed Nov 24 17:20:22 UTC 2021 

The branch openssl-3.0 has been updated
       via  90023b7e55b87f5b9a4f1b44f79f347cb71e257f (commit)
      from  0911d28ffad75ef1190e91f4f9feaa6d01cb714d (commit)


- Log -----------------------------------------------------------------
commit 90023b7e55b87f5b9a4f1b44f79f347cb71e257f
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Nov 23 12:24:39 2021 +0000

    Clarify and correct the EVP_CTRL_AEAD_SET_TAG docs
    
    The restriction about setting a tag length prior to setting the IV only
    applies to OCB mode. We clarify when in the process EVP_CTRL_AEAD_SET_TAG
    can be called.
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17111)
    
    (cherry picked from commit 3607b8ad8ee1980a079e985333a196e0c79f8f00)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/EVP_EncryptInit.pod | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index f289a842a3..d37c60ba89 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -1300,18 +1300,20 @@ B<EVP_CTRL_AEAD_SET_TAG>.
 
 =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)
 
-Sets the expected tag to C<taglen> bytes from C<tag>.
-The tag length can only be set before specifying an IV.
+When decrypting, this call sets the expected tag to C<taglen> bytes from C<tag>.
 C<taglen> must be between 1 and 16 inclusive.
+The tag must be set prior to any call to EVP_DecryptFinal() or
+EVP_DecryptFinal_ex().
 
 For GCM, this call is only valid when decrypting data.
 
 For OCB, this call is valid when decrypting data to set the expected tag,
-and before encryption to set the desired tag length.
+and when encrypting to set the desired tag length.
 
-In OCB mode, calling this before encryption with C<tag> set to C<NULL> sets the
-tag length.  If this is not called prior to encryption, a default tag length is
-used.
+In OCB mode, calling this when encrypting with C<tag> set to C<NULL> sets the
+tag length. The tag length can only be set before specifying an IV. If this is
+not called prior to setting the IV during encryption, then a default tag length
+is used.
 
 For OCB AES, the default tag length is 16 (i.e. 128 bits).  It is also the
 maximum tag length for OCB.

More information about the openssl-commits mailing list