On Sun, Dec 18, 2016 at 5:09 PM, Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote: > >> On Dec 18, 2016, at 2:55 PM, Walter H. via openssl-users <openssl-users@xxxxxxxxxxx> wrote: >> >> encrypt >> openssl enc -e -in file -out encryptfile -aes-256-gcm > > GCM is not supported with "openssl enc(1)". Use a CBC cipher > instead. +1. This was late to be documented, but its available at (https://www.openssl.org/docs/man1.0.2/apps/enc.html): "The enc program does not support authenticated encryption modes like CCM and GCM. The utility does not store or retrieve the authentication tag." Maybe the encrypt program should throw an error rather than producing incorrect results without a warning. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
