Thanks for the explanation Mr. Henson.
I do not wish to take up too much of your time, but as I am still trying
to understand OpenSSL, I would be grateful if you can add a few words on
how you cope with this in TLS, and point me to the corresponding source
code.
Thanks again,
Michel.
Le 12/10/2012 19:26, Dr. Stephen Henson a écrit :
On Fri, Oct 12, 2012, Michel wrote:
I am guessing that 'special handling' is linked to the 'no
additional authentication data' issue discussed in :
http://incog-izick.blogspot.fr/2011_08_01_archive.html
It's to do with the fact that additional parameters are required with GCM and
how the tag should be handled. It might be appropriate to handle this by
appending it to the output but that adds complications on decrypt in that you
don't know in advance where the tag is and would need to buffer tag bytes
of data until you hit EOF.
None of this is handled by the cipher BIO used by the enc command some
additional functionality will be needed for this (and CCM).
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
