Skip to content

Commit f7a13e5

Browse files
tniessentargos
authored andcommitted
doc: relax requirements for setAAD in CCM mode
This was fixed in OpenSSL 1.1.1c (openssl/openssl@b48e3be947). The authentication tag can now be specified after setAAD was called, matching the behavior of the other supported AEAD modes (GCM, OCB). Refs: openssl/openssl#7243 PR-URL: #28624 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Rich Trott <[email protected]>
1 parent bf2d5a7 commit f7a13e5

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

doc/api/crypto.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2837,7 +2837,7 @@ mode must adhere to certain restrictions when using the cipher API:
28372837
bytes (`7 ≤ N ≤ 13`).
28382838
- The length of the plaintext is limited to `2 ** (8 * (15 - N))` bytes.
28392839
- When decrypting, the authentication tag must be set via `setAuthTag()` before
2840-
specifying additional authenticated data or calling `update()`.
2840+
calling `update()`.
28412841
Otherwise, decryption will fail and `final()` will throw an error in
28422842
compliance with section 2.6 of [RFC 3610][].
28432843
- Using stream methods such as `write(data)`, `end(data)` or `pipe()` in CCM

0 commit comments

Comments
 (0)