On Wed, May 27, 2015 at 12:10:03PM +0200, Stephan Mueller wrote:
>
> >-
> >- if (ctx->enc) {
> >- /* round up output buffer to multiple of block size */
> >- outlen = ((used + bs - 1) / bs * bs);
>
> Why wouldn't the round up for the output not be needed any more? If the caller
> provides input data that is not multiple of block sizes and the output buffer
> is also not multiple of block sizes, wouldn't an encrypt overstep boundaries?
No the AEAD algorithm should fail them instead. We do the same
thing in algif_skcipher where it's up to the underlying algorithm
to fail requests that do not contain full blocks.
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
