[openssl-dev] [openssl.org #4521] openssl GCM ordering
Praveen Kariyanahalli via RT
rt at openssl.org
Tue Apr 26 02:09:33 UTC 2016
Is there is a reason why openssl has restriction of auth before encrypt
order ? I dont believe there is an algo restriction, was wondering why
openssl has this.
*int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,*
* size_t len)*
*{*
*[snip]*
* if (ctx->len.u[1])*
* return -2; <<<<<<<<<<<<<< Premature return*
* alen += len;*
The reason I bring this up, is that when I broadcast/multicast traffic need
not encrypt the payload multiple times, but need to auth the header
differently and openssl is refusing to cooperate :)
Please throw light on how to work around this problem. Also please correct
me if my assumption is wrong.
Thanks in advance
-Praveen
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4521
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list