[openssl-users] AES-GCM failing from Command Line Interface
matt at openssl.org
Tue Feb 10 15:43:26 UTC 2015
On 10/02/15 15:31, Sec_Aficionado wrote:
> Thanks for keeping me honest! I see it now, but I totally missed it before. I must have just played with the cli and not read the full page.
> Can you please confirm that EVP is the way to go? I'll create my own little PHP extension since I only need a very specific action.
Yes. EVP is the correct way to use GCM.
Note the docs on the website are for 1.1.0 (unreleased) and are subtly
different to 1.0.2/1.0.1. In particular they use the newly introduced
AEAD flags instead of mode specific ones. So where the docs talk about:
You should instead use the GCM specific versions:
These will still work when 1.1.0 is released.
More information about the openssl-users