From cf7d1cfdb2215bf8b35bc277d06154f83f069e47 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Tue, 23 Oct 2018 09:21:18 +0200
Subject: ssl: Correct length to be used in additional data in
 CHACHA20_POLY1305 cipher

---
 lib/ssl/src/ssl_record.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/ssl/src/ssl_record.erl b/lib/ssl/src/ssl_record.erl
index d31e429283..b9d1320ef3 100644
--- a/lib/ssl/src/ssl_record.erl
+++ b/lib/ssl/src/ssl_record.erl
@@ -452,7 +452,7 @@ decrypt_nonce(?AES_GCM, #cipher_state{iv = <<Salt:4/bytes, _/binary>>}, <<Explic
 aead_ciphertext_split(?CHACHA20_POLY1305, #cipher_state{tag_len = Len}, CipherTextFragment, AAD) ->
     CipherLen = size(CipherTextFragment) - Len,
     <<CipherText:CipherLen/bytes, CipherTag:Len/bytes>> = CipherTextFragment,
-    {end_additional_data(AAD, Len), CipherText, CipherTag};
+    {end_additional_data(AAD, CipherLen), CipherText, CipherTag};
 aead_ciphertext_split(?AES_GCM,  #cipher_state{tag_len = Len}, CipherTextFragment, AAD) ->
     CipherLen = size(CipherTextFragment) - (Len + 8), %% 8 is length of explicit Nonce
     << _:8/bytes, CipherText:CipherLen/bytes, CipherTag:Len/bytes>> = CipherTextFragment,
-- 
cgit v1.2.3