[openssl-users] EVP_aes_256_gcm -- receiving of tag
Dr. Stephen Henson
steve at openssl.org
Wed Jan 21 14:52:42 UTC 2015
On Tue, Jan 20, 2015, 'Chris Hall' wrote:
> I find that the EVP_aes_256_gcm for decrypt requires the Tag to be set
> before the first call of EVP_DecryptUpdate(), and EVP_DecryptFinal_ex()
> with then return 0 if the Tag is found to be incorrect.
Unless you're using an old version of OpenSSL you should be able to
specify the tag after any EVP_DecryptUpdate calls but it still has to
be before EVP_DecryptFinal().
This was addressed by commit 96f7fafa24313106b121782f1dcf7928dd0838ed
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-users