It appears that the tags usually appended to the ciphertext aren't verified. At least the code in aes.c doesn't look like it handles tags at all. I think it would be good to either
a) follow other other APIs (e.g. Java) and expect the tag to be appended and use it for verification.
or
b) allow the user to supply the tag
It appears that the tags usually appended to the ciphertext aren't verified. At least the code in
aes.cdoesn't look like it handles tags at all. I think it would be good to either a) follow other other APIs (e.g. Java) and expect the tag to be appended and use it for verification. or b) allow the user to supply the tagExample implementation, using tags to verify the ciphertext: https://wiki.openssl.org/images/0/08/Evp-gcm-encrypt.c
Information about the usual location of tags: https://crypto.stackexchange.com/questions/25249/where-is-the-authentication-tag-stored-in-file-encrypted-using-aes-gcm