[openssl-users] EVP_aes_256_gcm -- receiving of tag

'Chris Hall' chris.hall.list at highwayman.com
Tue Jan 20 17:19:37 UTC 2015


I find that the EVP_aes_256_gcm for decrypt requires the Tag to be set
before the first call of EVP_DecryptUpdate(), and EVP_DecryptFinal_ex()
will then return 0 if the Tag is found to be incorrect.

I was hoping to be able to get the Tag, by EVP_CTRL_GET_TAG, but the
documentation says that only works for encryption.

Is there a way of reaching into (or below) the EVP stuff, to (a) prevent
EVP_DecryptFinal_ex() from requiring and checking the Tag, and (b)
getting the Tag after EVP_DecryptFinal_ex() -- the same as after
EVP_EncryptFinal_ex() ?

I ask because I have an application which encrypts an arbitrary amount
of data and starts sending it before all of it has been encrypted.  What
I have found so far seems to require me to receive all the cipher-text,
and only when the Tag (finally) arrives, can I start to decrypt :-(

Thanks,

Chris


