Am Samstag, 7. Oktober 2017, 04:51:17 CEST schrieb Herbert Xu: Hi Herbert, > > No I'm talking about the underlysing skcipher. authenc is an > aead, and it is legal to make a zero skcipher call. The underlying > skcipher should make sure that it works. > > So which underlying skcipher is barfing over a zero input? I use authenc(hmac(sha256),cbc(aes)) which in turn uses cbc-aes-aesni on my system. Ciao Stephan