From 837af430ff0e66058a590301600937442936d0e9 Mon Sep 17 00:00:00 2001
From: Minos Galanakis <minos.galanakis@arm.com>
Date: Thu, 22 Aug 2024 09:21:53 +0100
Subject: [PATCH] ccm.c: Return early when ccm* is used without tag.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
---
 library/ccm.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/ccm.c b/library/ccm.c
index 45ed697dd3..969c6c781b 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -170,11 +170,12 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx)
     }
 
     /* CCM expects non-empty tag.
-     * CCM* allows empty tag. For CCM* without tag, ignore plaintext length.
+     * CCM* allows empty tag. For CCM* without tag, the tag calculation is skipped.
      */
     if (ctx->tag_len == 0) {
         if (ctx->mode == MBEDTLS_CCM_STAR_ENCRYPT || ctx->mode == MBEDTLS_CCM_STAR_DECRYPT) {
             ctx->plaintext_len = 0;
+            return 0;
         } else {
             return MBEDTLS_ERR_CCM_BAD_INPUT;
         }