[openssl-users] GCM
Matt Caswell
matt at openssl.org
Fri Jan 9 20:41:48 UTC 2015
On 09/01/15 19:42, Amir Reda wrote:
> dear all
> i'm trying to use AES-GCM model for encryption i use a sample code for that
>
> and my problem is
>
> ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);
>
> ret all the time is 0 this means that
>
> the plaintext is not trustworthy.
>
> encryption function
>
<snip>
> //get the tag
> EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag);
You should check the return value of this function here.
You also haven't free'd up your ctx.
<snip>
> //add the tag
> if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag))
This is wrong. You need to use EVP_CTRL_GCM_SET_TAG.
> {
> cout<<"success adding tag"<<endl;
> }
> else
> {
> cout<<"something wrong"<<endl;
> }
> //finalize the Decryption
> int ret = 1;
> ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);
>
> cout<<" ret value is "<<ret<<endl;
>
> if (ret > 0)
> {
> cout<<"success final decryption"<<endl;
> plaintext_len += len;
> cout<<"palin text is "<<plaintext_len<<endl;
> return plaintext_len;
>
> }
> else
> {
> cout<<"decrypt fail"<<endl;
> return -1;
> }
> return ret;
Again you need to clean up your ctx.
Matt
More information about the openssl-users
mailing list