On Wed, Apr 22, 2015 at 06:36:59AM +0200, Stephan Mueller wrote: > > The key wrapping is an authenticated encryption operation without > associated data. Therefore, setting of AAD is permissible, but that data > is not used by the cipher implementation.
In that case you should return an error if AAD is provided rather than silently discarding them since by definition AEAD must include the AAD in the integrity value. Cheers, -- Email: Herbert Xu <herb...@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
