[openssl] OpenSSL_1_1_1-stable update

Matt Caswell matt at openssl.org
Wed Nov 24 17:20:39 UTC 2021


The branch OpenSSL_1_1_1-stable has been updated
       via  fd0fd729bb6c75e266b881580d69d679af044cad (commit)
      from  19706a3ddf72de9c7d11d28e4d2e86ac80d75896 (commit)


- Log -----------------------------------------------------------------
commit fd0fd729bb6c75e266b881580d69d679af044cad
Author: Matt Caswell <matt at openssl.org>
Date:   Tue Nov 23 12:24:39 2021 +0000

    Clarify and correct the EVP_CTRL_AEAD_SET_TAG docs
    
    The restriction about setting a tag length prior to setting the IV only
    applies to OCB mode. We clarify when in the process EVP_CTRL_AEAD_SET_TAG
    can be called.
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/17111)
    
    (cherry picked from commit 3607b8ad8ee1980a079e985333a196e0c79f8f00)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/EVP_EncryptInit.pod | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index 0d8a780bb7..ffd1aab2b3 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -380,18 +380,20 @@ B<EVP_CTRL_AEAD_SET_TAG>.
 
 =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag)
 
-Sets the expected tag to C<taglen> bytes from C<tag>.
-The tag length can only be set before specifying an IV.
+When decrypting, this call sets the expected tag to C<taglen> bytes from C<tag>.
 C<taglen> must be between 1 and 16 inclusive.
+The tag must be set prior to any call to EVP_DecryptFinal() or
+EVP_DecryptFinal_ex().
 
 For GCM, this call is only valid when decrypting data.
 
 For OCB, this call is valid when decrypting data to set the expected tag,
-and before encryption to set the desired tag length.
+and when encrypting to set the desired tag length.
 
-In OCB mode, calling this before encryption with C<tag> set to C<NULL> sets the
-tag length.  If this is not called prior to encryption, a default tag length is
-used.
+In OCB mode, calling this when encrypting with C<tag> set to C<NULL> sets the
+tag length. The tag length can only be set before specifying an IV. If this is
+not called prior to setting the IV during encryption, then a default tag length
+is used.
 
 For OCB AES, the default tag length is 16 (i.e. 128 bits).  It is also the
 maximum tag length for OCB.
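Review bot: The OCB paragraph now states "The tag length can only be set before specifying an IV" only in the encryption context, while the new opening text says that when decrypting the tag merely has to be set before EVP_DecryptFinal() or EVP_DecryptFinal_ex(). A reader decrypting OCB data with a tag shorter than the default 16 bytes cannot tell from these lines which ordering rule applies. Suggest one explicit sentence saying whether the before-IV restriction also covers OCB decryption with a non-default tag length. It would also help to note next to "C<taglen> must be between 1 and 16 inclusive" that the range applies both to the expected tag when decrypting and to the OCB tag length set with C<tag> as C<NULL>, since the first sentence is now scoped to decryption only.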

