Error implementing AES-GCM using EVP from OpenSSL

Thu, 28 Feb 2013 23:20:19 -0800 

I am trying to add AES-GCM mode to my code which has been working for most 
other modes for quite a while now. The mode is given as a parameter and I use 
it for GCM mode to switch and do special stuff such as to set the AAD and 
get/set the tag for AES-GCM mode.

In the encipherment function I store the tag at the end of the ciphertext and 
return a larger data size. In the decipherment function I automatically reduce 
the size by 16 and use the last 16 bytes as the tag to compare. This will be so 
documented for this mode in the library header.

I've followed the advise of these two posting:
http://stackoverflow.com/questions/12153009/openssl-c-example-of-aes-gcm-using-evp-interfaces
and
http://incog-izick.blogspot.in/2011/08/using-openssl-aes-gcm.html

My problem is that the call to get the tag fails (EVP_CIPHER_CTX_ctrl() returns 
1) in the encipherment function.

Can anybody shine some light on what my problem may be? (I can post code if you 
want, but the referenced links contain good code already)

I am working on Ubuntu 12.10 which has the following OpenSSL installed:

$ openssl version -a

OpenSSL 1.0.1 14 Mar 2012 built on: Tue Aug 21 05:18:48 UTC 2012 platform: 
debian-amd64 options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx) 
compiler: cc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT 
-DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -g -O2 -fstack-protector 
--param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security 
-D_FORTIFY_SOURCE=2 -Wl,-Bsymbolic-functions -Wl,-z,relro -Wa,--noexecstack 
-Wall -DOPENSSL_NO_TLS1_2_CLIENT -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 
-DMD32_REG_T=int -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM 
-DGHASH_ASM OPENSSLDIR: "/usr/lib/ssl"

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to