Move gcm decryption tag check higher up in the callstack

Code was updated for s390 that accidently removed the check inside the final method.
Moving the check up before the final method is called is a better way of handling this.
The oneshot method also calls the final method but doesnt need to do this check.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9945)

1 files changed, 1 insertions, 2 deletions

diff --git a/providers/common/ciphers/cipher_gcm_hw.c b/providers/common/ciphers/cipher_gcm_hw.c
index e2587f2e5e..8b2913c695 100644
--- a/providers/common/ciphers/cipher_gcm_hw.c
+++ b/providers/common/ciphers/cipher_gcm_hw.c
@@ -90,8 +90,7 @@ int gcm_cipher_final(PROV_GCM_CTX *ctx, unsigned char *tag)
         CRYPTO_gcm128_tag(&ctx->gcm, tag, GCM_TAG_MAX_SIZE);
         ctx->taglen = GCM_TAG_MAX_SIZE;
     } else {
-        if (ctx->taglen == UNINITIALISED_SIZET
-            || CRYPTO_gcm128_finish(&ctx->gcm, tag, ctx->taglen) != 0)
+        if (CRYPTO_gcm128_finish(&ctx->gcm, tag, ctx->taglen) != 0)
             return 0;
     }
     return 1;