Change ChaCha20-Poly1305 to be consistent with out ciphers

Other ciphers return the length of the Payload for TLS as a result of an
EVP_DecryptUpdate() operation - but  ChaCha20-Poly1305 did not. We change
it so that it does.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12288)

diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c
index c34ef320ab75656c7001ac60a0d2aa8883c02664..3fa4684125e72b020a59d5072f0cdf2304d9928c 100644 (file)
--- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c
+++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c
@@ -275,7 +275,6 @@ static int chacha20_poly1305_cipher(void *vctx, unsigned char *out,
     if (!hw->aead_cipher(ctx, out, outl, in, inl))
         return 0;
 
-    *outl = inl;
     return 1;
 }
 

diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c b/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c
index 74b8fb658604ad2ec95198b9eaf98488239fdaef..70ffaf1588b4073bfbe383e05f1760eca0395781 100644 (file)
--- a/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c
+++ b/providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c
@@ -252,6 +252,8 @@ static int chacha20_poly1305_tls_cipher(PROV_CIPHER_CTX *bctx,
                        len - POLY1305_BLOCK_SIZE);
             return 0;
         }
+        /* Strip the tag */
+        len -= POLY1305_BLOCK_SIZE;
     }
 
     *out_padlen = len;