[openssl-users] EVP_aes_256_gcm -- receiving of tag

Dr. Stephen Henson steve at openssl.org
Wed Jan 21 14:52:42 UTC 2015

On Tue, Jan 20, 2015, 'Chris Hall' wrote:

> I find that the EVP_aes_256_gcm for decrypt requires the Tag to be set
> before the first call of EVP_DecryptUpdate(), and EVP_DecryptFinal_ex()
> with then return 0 if the Tag is found to be incorrect.

Unless you're using an old version of OpenSSL you should be able to
specify the tag after any EVP_DecryptUpdate calls but it still has to
be before EVP_DecryptFinal().

This was addressed by commit 96f7fafa24313106b121782f1dcf7928dd0838ed

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list