Am Mittwoch, 27. Mai 2015, 17:24:41 schrieb Herbert Xu: Hi Herbert, >- >- if (ctx->enc) { >- /* round up output buffer to multiple of block size */ >- outlen = ((used + bs - 1) / bs * bs); Why wouldn't the round up for the output not be needed any more? If the caller provides input data that is not multiple of block sizes and the output buffer is also not multiple of block sizes, wouldn't an encrypt overstep boundaries? >- /* add the size needed for the auth tag to be created */ >- outlen += as; >- } else { >- /* output data size is input without the authentication tag */ >- outlen = used - as; >- /* round up output buffer to multiple of block size */ >- outlen = ((outlen + bs - 1) / bs * bs); Same here. >- } >+ used -= ctx->aead_assoclen + (ctx->enc ? as : 0); Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html