Authenticated OpenSSL Encryption

Question

Authenticated OpenSSL Encryption

I am trying to use OpenSSL for authenticated encryption. In particular, I am trying to use AES-256-GCM (or CCM).

However, when I run openssl list-cipher-commands , I do not see it. Only those AES ciphers are shown:

 aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc aes-256-ecb

I am on openssl 1.0.1e, so it should be supported.

+4

cryptography openssl encryption aes aes-gcm

LanguagesNamedAfterCofee Aug 08 '13 at 3:17

source share

1 answer

Li-Ting Tsai · Accepted Answer · 2013-08-11T04:36:25+0000

OpenSSL supports aes-256-gcm as an algorithm, but it does not support aes-256-gcm as a command line tool. The difference is that you can enter openssl aes-256-cbc at the command line to encrypt something. On the other hand, there is no such openssl aes-256-gcm command line tool.

You can use the EVP interface to invoke the aes-256-gcm algorithm, as this answer shows.

By the way, you can try using openssl enc aes-256-gcm on the command line. This does not work either. Since the enc command is processed no additional authenticated data . See here for more details.

Authenticated OpenSSL Encryption

More articles: