I'm working on adding AES/GCM encrypt/decrypt support for OpenSC pkcs11-tool and I noticed something when testing with SoftHSM2. Encryption works fine, but C_DecryptUpdate always fails with CKR_BUFFER_TOO_SMALL. This error doesn't really make any sense, since the function is always given an output buffer of 1024 bytes
Decryption in a single step using C_Decrypt works fine. pkcs11-tool uses this for inputs less or equal to 1024 bytes.
I'm working on adding AES/GCM encrypt/decrypt support for OpenSC pkcs11-tool and I noticed something when testing with SoftHSM2. Encryption works fine, but C_DecryptUpdate always fails with CKR_BUFFER_TOO_SMALL. This error doesn't really make any sense, since the function is always given an output buffer of 1024 bytes
Decryption in a single step using C_Decrypt works fine. pkcs11-tool uses this for inputs less or equal to 1024 bytes.