Remove aad_len check on NULL out buffer (#6820)

microsoft · Feb 10, 2025 · 6866055 · 6866055
1 parent 8b274d4
commit 6866055
Showing 1 changed file with 0 additions and 14 deletions.
diff --git a/src/crypto/openssl/symmetric_key.cpp b/src/crypto/openssl/symmetric_key.cpp
@@ -69,13 +69,6 @@ namespace ccf::crypto
     {
       int aad_outl{0};
       CHECK1(EVP_EncryptUpdate(ctx, NULL, &aad_outl, aad.data(), aad.size()));
-
-// As we set out buffer to NULL, we expect the output length to be 0.
-// However, openssl 1.1.1 sets it to the input length, which doesn't break
-// the encryption, but still looks wrong.
-#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
-      assert(aad_outl == 0);
-#endif
     }
 
     std::vector<uint8_t> ciphertext(plain.size());
@@ -124,13 +117,6 @@ namespace ccf::crypto
     {
       int aad_outl{0};
       CHECK1(EVP_DecryptUpdate(ctx, NULL, &aad_outl, aad.data(), aad.size()));
-
-// As we set out buffer to NULL, we expect the output length to be 0.
-// However, openssl 1.1.1 sets it to the input length, which doesn't break
-// the encryption, but still looks wrong.
-#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
-      assert(aad_outl == 0);
-#endif
     }
 
     std::vector<uint8_t> plaintext(cipher.size());