In OpenSSL encryption in PHP using aes-256-gcm, is the tag_length a value that the coder chooses or is it chosen by the method and returned to the pointer as done with the tag? It reads it can be between 4 and 16. Is the tag_length entered in the encryption function guaranteed to be the length of the tag returned?
Also, how is the aad ("Additional authenticated data") used and why would it be used?
Thank you.
GCM is authenticated encryption and guarantees confidentiality and authenticity. For the latter an authentication tag is used.
The assurance of authenticity means that the data (ciphertext, IV, AAD) cannot be changed without this being noticed (by the authenticity check via the authentication tag during decryption).
The authentication tag is generated automatically during encryption and can be referenced via $tag. The tag length can be specified with $tag_length and is 16 bytes by default, s. openssl_encrypt(). According to the GCM specification (s. NIST SP 800-38D, sec. 5.2.1.2 Output Data), tag sizes of 16, 15, 14, 13, 12 and in special cases 8 and 4 bytes are permitted (deviating from this, PHP/OpenSSL supports all sizes between 4 and 16 bytes). The greater the tag length, the greater the security.
During decryption, the tag must be specified, s. openssl_decrypt(). The tag (as well as the IV) is not secret and is passed along with the ciphertext (and the IV) to the decrypting side, usually concatenated, e.g. IV|ciphertext|tag.
AAD (additional authenticated data) is data that is authenticated but not encrypted (this could be any information for which you want to ensure that it is not changed, but which is not secret and therefore does not need to be encrypted).
Example (GCM encryption/decryption with 12 bytes tag and with AAD):
$ct = openssl_encrypt('my secret data', 'aes-128-gcm', '0123456789012345', 0, '012345678901', $tag, "my aad", 12); // 12 bytes tag
print('Tag: ' . bin2hex($tag) . PHP_EOL); // Tag: 095c111ecb13b0d411878dfd
$dt = openssl_decrypt($ct, 'aes-128-gcm', '0123456789012345', 0, '012345678901', $tag, "my aad");
print('Decrypted: ' . $dt); // Decrypted: my secret data