From f7a13e5034f1269901ef9ddfe3fa1a8d27c2cae7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Wed, 10 Jul 2019 16:35:06 +0200
Subject: [PATCH] doc: relax requirements for setAAD in CCM mode

This was fixed in OpenSSL 1.1.1c (openssl/openssl@b48e3be947). The
authentication tag can now be specified after setAAD was called,
matching the behavior of the other supported AEAD modes (GCM, OCB).

Refs: https://github.com/openssl/openssl/pull/7243

PR-URL: https://github.com/nodejs/node/pull/28624
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
---
 doc/api/crypto.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 93098a6f3edc2b..6f05f012681af2 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -2837,7 +2837,7 @@ mode must adhere to certain restrictions when using the cipher API:
   bytes (`7 ≤ N ≤ 13`).
 - The length of the plaintext is limited to `2 ** (8 * (15 - N))` bytes.
 - When decrypting, the authentication tag must be set via `setAuthTag()` before
-  specifying additional authenticated data or calling `update()`.
+  calling `update()`.
   Otherwise, decryption will fail and `final()` will throw an error in
   compliance with section 2.6 of [RFC 3610][].
 - Using stream methods such as `write(data)`, `end(data)` or `pipe()` in CCM