On Fri, Dec 02, 2016 at 03:16:26PM +0100, Stephan Mueller wrote: > > In addition, the code now handles the situation where the provided > output buffer is too small by reducing the size of the processed > input buffer accordingly. Due to this handling, he changes are I think that's dangerous. The AEAD interface doesn't do chaining so it's all or nothing. If the input doesn't fit within the output buffer then you should not truncate the input as that would either generate a bogus tag on encryption or accept a bogus tag on decryption. I suggest that you instead return EINVAL in such a case. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html