EVP_aes_256_gcm -- receiving of tag

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dr. Stephen Henson wrote (on Wed 21-Jan-2015 at 14:53 +0000):
> On Tue, Jan 20, 2015, 'Chris Hall' wrote:
...
> > I find that the EVP_aes_256_gcm for decrypt requires the Tag to be
> > set before the first call of EVP_DecryptUpdate(), and
> > EVP_DecryptFinal_ex() with then return 0 if the Tag is found to
> > be incorrect.

> Unless you're using an old version of OpenSSL you should be able to
> specify the tag after any EVP_DecryptUpdate calls but it still has to
> be before EVP_DecryptFinal().
> 
> This was addressed by commit 96f7fafa24313106b121782f1dcf7928dd0838ed

Thanks.

It's very kind of EVP_DecryptFinal() to check the Tag, but I could do
with a way of getting hold of the Tag generated.  In particular, I want
to append signed copy of the Tag to the message, so the receiver may not
even know what the Tag is.

I suppose I could send the Tag between the encrypted message and the
trailing signature, but I don't particularly want to reveal the Tag.
Also, this is messing with the message format to fit the library !

Thanks,

Chris



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux