feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #3383 from kaleb-himes/ACVP_TESTING_UPDATE

Browse Source 
In ACVP testing NIST needs to see failed decryption output
This commit is contained in:
John Safranek
2020-11-02 10:42:28 -08:00
committed by GitHub
parent 87abb5257e 8826823724
commit 29c7351fe0
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
wolfcrypt/src/aes.c
View File

@ -7463,7 +7463,12 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
/* If the authTag check fails, don't keep the decrypted data. /* If the authTag check fails, don't keep the decrypted data.
* Unfortunately, you need the decrypted data to calculate the * Unfortunately, you need the decrypted data to calculate the
* check value. */ * check value. */
XMEMSET(out, 0, inSz); #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) && \
defined(ACVP_VECTOR_TESTING)
WOLFSSL_MSG("Preserve output for vector responses");
#else
XMEMSET(out, 0, inSz);
#endif
result = AES_CCM_AUTH_E; result = AES_CCM_AUTH_E;
} }