On Tue, Jan 20, 2015, 'Chris Hall' wrote: > > I find that the EVP_aes_256_gcm for decrypt requires the Tag to be set > before the first call of EVP_DecryptUpdate(), and EVP_DecryptFinal_ex() > with then return 0 if the Tag is found to be incorrect. > Unless you're using an old version of OpenSSL you should be able to specify the tag after any EVP_DecryptUpdate calls but it still has to be before EVP_DecryptFinal(). This was addressed by commit 96f7fafa24313106b121782f1dcf7928dd0838ed Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org
