EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag); When you change tag length with the above statement, you are telling the decrypt context to consider only those many number of bytes for tag comparision.
On Wed, Jun 18, 2014 at 4:52 PM, Michel <msa...@paybox.com> wrote: > Hi all, > > I was surprised that decryption succeeded in GCM mode althought the tag > was shorter than the one produced when encrypting, > as it is not the case in CCM. Is it the intended behaviour ? > > In order to rule out a possible bug in my program, I finally used the > example code at : > https://github.com/openssl/openssl/blob/master/demos/evp/aesccm.c > https://github.com/openssl/openssl/blob/master/demos/evp/aesgcm.c > using OpenSSL 1.0.1h. > > When altering line 91 of of aesccm.c with 'sizeof(ccm_tag)-1', decryption > failed. > But doing the same with aesgcm.c, line 100 : sizeof(gcm_tag)-10, > decryption succeeded. > > Thanks in advance for any assistance with this. > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
