Hi folks,
I'm a bit of a newbie to OpenSSL (certainly to the forums), but I have
worked with the code for a little while now. I have some questions about
GCM which I'm hoping are appropriate to ask here:
1) Is there a way to run a GCM (AES-GCM-{128,192,256} FWIW) in a fashion
that does not require any action with the authentication tag but where
Finalize() will still succeed? To put it another way (sort of): is there
a mode where the caller can notify OpenSSL that authentication isn't
important for this operation -- and still have the Finalize() routine
succeed?
2) If not, GCM supports precomputing the block keys, so that
(presumably) hardware implentations can encrypt entire files in
parallel. I understand that this might not be a particular feature which
software would care about, but being able to compute the key value based
on the block number of read does mean that if one has to do a read
operation on a byte range in the middle of the file, techincally one can
simply decrypt *only* the block range which encompasses the first and
last bytes. No need to read the entire file (at least right at that
moment). Does OpenSSL support setting the counter for a GCM read
operation?
3) If "yes" to #2, can OpenSSL do the same thing for the
obviously-for-more-tricky write case (including proper updating of the
authentication tag).
4) If the answer is "no" to 1, 2, and 3, can we be sure that
operationFinalize() will properly cleanse the encryption context even if
it's going to return with an error because the authentiation tag data is
wrong or hasn't been supplied? I did some GDB'ing with a breakpoint set
at EVP_DecryptFinalize() (or something like that) and it seemed to me
that, in the case where I was doing the the entire GCM decrypt
correctly, that I would see a couple of OPENSSL_cleanse() calls while
Finalize() was running. However, in the case where I deliberately did
*not* set the tag, EVP_DecryptFinalize() not only returned with an
error, but it didn't seem to call either of the cleanse() routines.
Cheers,
/jtt
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
