You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current implementation performs limited checks only and silently
ignores superfluous bytes of the authentication tag. This change makes
setAuthTag throw when
- the user-specified authTagLength does not match the actual tag length,
especially when the authentication tag is longer than 16 bytes, and
when
- the mode is GCM, no authTagLength option has been specified and the
tag length is not a valid GCM tag length.
This change makes the conditional assignment in SetAuthTag unnecessary,
which is replaced with a CHECK.
Refs: #17825
PR-URL: #20040
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Yihong Wang <yh.wang@ibm.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
0 commit comments