gocryptfs-xray tool does not correctly print auth tags of encrypted files in AES-SIV mode #299
Description
In GCM mode the auth tags are at the end of each block, but in SIV mode the auth tags follow immediately after the nonce. As a result, in AES-SIV mode the output of gocryptfs-xray is misleading and does not actually print the auth tag, but just the last 16-byte of the ciphertext.
The differences also are not properly documented yet:
https://github.com/rfjakob/gocryptfs/blob/master/Documentation/file-format.md