mac check in GCM failed Errors

Cantor, Scott cantor.2 at
Mon Mar 12 09:27:11 EDT 2018

> So there's no solution?

You have data in the wild under a key you don't have, so you either provide the key or wait for all of that data in the wild to be fed back and fail to decrypt and get replaced. There is no hard time limit within which somebody can't come back years later with something that can't be decrypted, even though it's long since expired. If the key history is 30 days, any data encrypted over 30 days ago will fail instead of just being detected as expired. It's just how it works. It could be improved I suppose by storing the expiration in the clear as a hint to avoid needless decryption attempts and log noise, but that isn't what I did.

-- Scott

More information about the users mailing list