On 8/10/2020 8:03 PM, Eric Biggers wrote:

On Mon, Aug 10, 2020 at 05:33:39PM +0300, Horia Geantă wrote:

quoted

On 8/10/2020 4:45 PM, Herbert Xu wrote:

quoted

On Mon, Aug 10, 2020 at 10:20:20AM +0000, Van Leeuwen, Pascal wrote:

quoted

With all due respect, but this makes no sense.

I agree.  This is a lot of churn for no gain.

I would say the gain is that all skcipher algorithms would behave the same
when input length equals zero - i.e. treat the request as a no-op.

We can't say "no input" has any meaning to the other skcipher algorithms,
but the convention is to accept this case and just return 0.
I don't see why XTS has to be handled differently.

CTS also rejects empty inputs.

The rule it follows is just that all input lengths >= blocksize are allowed.
Input lengths < blocksize aren't allowed.

Indeed, thanks.

What about, for example, CBC?
AFAICT cbc(aes) with input length = 0 is valid.

Same for CTR (with the note that blocksize = 1) and several other algorithms
mentioned in the cover letter.

What's the rule in these cases?

Thanks,
Horia