Am Dienstag, 30. Dezember 2014, 04:33:41 schrieb Herbert Xu:
Hi Herbert,
> On Mon, Dec 29, 2014 at 04:05:40PM +0100, Stephan Mueller wrote:
> > This would mean that the check must stay in recvmsg as only here we know
> > that the caller wants data to be processed.
>
> On the send side you would
Am Dienstag, 30. Dezember 2014, 04:33:41 schrieb Herbert Xu:
Hi Herbert,
>
> > > PS we should add a length check for missing/partial auth tags
> > > to crypto_aead_decrypt. We can then remove such checks from
> > > individual implementations.
> >
> > I agree in full here. Shall I create such a
On Mon, Dec 29, 2014 at 04:05:40PM +0100, Stephan Mueller wrote:
>
> This would mean that the check must stay in recvmsg as only here we know that
> the caller wants data to be processed.
On the send side you would do the check when MSG_MORE is unset.
On the receive side you should stop waiting o
Am Montag, 29. Dezember 2014, 21:33:19 schrieb Herbert Xu:
Hi Herbert,
> On Thu, Dec 25, 2014 at 11:01:47PM +0100, Stephan Mueller wrote:
> > + err = -ENOMEM;
>
> This should be EINVAL.
Changed
>
> > + if (!aead_sufficient_data(ctx))
> > + goto unlock;
>
> So we're checking two
On Thu, Dec 25, 2014 at 11:01:47PM +0100, Stephan Mueller wrote:
>
> + err = -ENOMEM;
This should be EINVAL.
> + if (!aead_sufficient_data(ctx))
> + goto unlock;
So we're checking two things here, one that we have enough data
for AD and two we have the authentication tag. Th
