jclc
commented
8 months ago My mistake. I missed the part where AEAD methods are not meant to return any decoded plaintext until the entire operation is finished.
Closed jclc closed 8 months ago
jclc
commented
8 months ago My mistake. I missed the part where AEAD methods are not meant to return any decoded plaintext until the entire operation is finished.
I'm working on adding AES/GCM encrypt/decrypt support for OpenSC pkcs11-tool and I noticed something when testing with SoftHSM2. Encryption works fine, but C_DecryptUpdate always fails with CKR_BUFFER_TOO_SMALL. This error doesn't really make any sense, since the function is always given an output buffer of 1024 bytes
Decryption in a single step using C_Decrypt works fine. pkcs11-tool uses this for inputs less or equal to 1024 bytes.