Hi Kaleb,

It looks like you are talking past each other, maybe choice of "stream" wording is confusing. It refers here not to distinction between stream/block ciphers but to processing data chunks as they arrive without buffering full file in memory(which can be of any size and we can't change cipher mode or framing or anything else because we have to interoperate with existing implementations). I.e. we would like to see API which can be used in chunked fashion, like { init, update, update, ..., finish }, not current function which handles all data in one go.
I'm pretty sure intermediate resources needed for this are constant and consist of two counter blocks and one hash block, i.e. 48 bytes.

You could look for inspiration here https://stackoverflow.com/questions/121 … 2#13045182
Take note of while loops. It doesn't loop over AAD portion, but it is both supported by OpenSSL and not required in our case(because its size is small).