Am Dienstag, 21. April 2020, 10:08:14 CEST schrieb Ondrej Mosnáček: Hi Ondrej, > Hi all, > > the libkcapi [1] tests are failing on kernels 5.5-rc1 and above [2]. > All encryption/decryption tests that use 'ctr(aes)' and a message size > that is not a multiple of 16 fail due to kcapi-enc returning different > output than expected. Confirmed. On the recent kernels, the data generated by kcapi-enc contains trailing zero bytes for data that is a fraction of the block size. I think the issue is in the following kernel code in _skcipher_recvmsg: unsigned int bs = crypto_skcipher_chunksize(tfm); /* * If more buffers are to be expected to be processed, process only * full block size buffers. */ if (ctx->more || len < ctx->used) len -= len % bs; The kernel truncates the size to be processed to the chunk size. As the chunksize returns the block size of the underlying cipher (e.g. AES -> 16), the kernel code will not process non-aligned data. Herbert, could you help me identifying what exactly was the root cause for the patch 5b0fe9552336338acb52756daf65dd7a4eeca73f ? I.e. it seems that stream ciphers made out of a block cipher would not generate the data part that is a fraction of the block size (e.g. CTR, CTS). Ciao Stephan