I am tasked with setting up encryption and decryption on top of a custom transfer protocol. I am able to entrypt and decrypt 16 byte long characters. But now stepping up the game and trying to apply the same logic on strings of much higher lengths. For the 16 byte decrypt I used the function
mbedtls_gcm_auth_decrypt(&gcm_ctx,chunk_size,(const unsigned char*)siv.iv,siv.size,(const unsigned char *)add_data, add_size, auth_tag, auth_tag_size,p,outputBuffer);
And it decrypts my text. But its not working when I provide a whole bunch of encrypted text (304 bytes long), it throws an error code -0x12 (Authentication failed). I am not even sure if it takes bulk input. If it did, why is there another function mbedtls_gcm_starts and mbedtls_gcm_update, which is more painful to setup?
Can anybody weigh in?