diff --git a/src/zipcrypto.rs b/src/zipcrypto.rs
index 43ef1048..995bf23f 100644
--- a/src/zipcrypto.rs
+++ b/src/zipcrypto.rs
@@ -183,11 +183,11 @@ impl<R: std::io::Read> std::io::Read for ZipCryptoReaderValid<R> {
         // Note: There might be potential for optimization. Inspiration can be found at:
         // https://github.com/kornelski/7z/blob/master/CPP/7zip/Crypto/ZipCrypto.cpp
 
-        let result = self.reader.file.read(buf);
-        for byte in buf.iter_mut() {
+        let n = self.reader.file.read(buf)?;
+        for byte in buf.iter_mut().take(n) {
             *byte = self.reader.keys.decrypt_byte(*byte);
         }
-        result
+        Ok(n)
     }
 }
 
diff --git a/tests/zip_crypto.rs b/tests/zip_crypto.rs
index 5edcdf25..9e91e1bd 100644
--- a/tests/zip_crypto.rs
+++ b/tests/zip_crypto.rs
@@ -16,6 +16,21 @@
 // 000000b0  4b 05 06 00 00 00 00 01  00 01 00 5a 00 00 00 55  |K..........Z...U|
 // 000000c0  00 00 00 00 00                                    |.....|
 // 000000c5
+const ZIP_CRYPTO_FILE: &[u8] = &[
+    0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x54, 0xbd, 0xb5, 0x50, 0x2f, 0x20,
+    0x79, 0x55, 0x2f, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x74, 0x65,
+    0x73, 0x74, 0x2e, 0x74, 0x78, 0x74, 0xca, 0x2d, 0x1d, 0x27, 0x19, 0x19, 0x63, 0x43, 0x77, 0x9a,
+    0x71, 0x76, 0xc9, 0xec, 0xd1, 0x6f, 0xd9, 0xf5, 0x22, 0x67, 0xb3, 0x8f, 0x52, 0xb5, 0x41, 0xbc,
+    0x5c, 0x36, 0xf2, 0x1d, 0x84, 0xc3, 0xc0, 0x28, 0x3b, 0xfd, 0xe1, 0x70, 0xc2, 0xcc, 0x0c, 0x11,
+    0x0c, 0xc5, 0x95, 0x2f, 0xa4, 0x50, 0x4b, 0x01, 0x02, 0x3f, 0x00, 0x14, 0x00, 0x01, 0x00, 0x00,
+    0x00, 0x54, 0xbd, 0xb5, 0x50, 0x2f, 0x20, 0x79, 0x55, 0x2f, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00,
+    0x00, 0x08, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x74, 0x65, 0x73, 0x74, 0x2e, 0x74, 0x78, 0x74, 0x0a, 0x00, 0x20, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x01, 0x00, 0x18, 0x00, 0x31, 0xb2, 0x3b, 0xbf, 0xb8, 0x2f, 0xd6, 0x01, 0x31,
+    0xb2, 0x3b, 0xbf, 0xb8, 0x2f, 0xd6, 0x01, 0xa8, 0xc4, 0x45, 0xbd, 0xb8, 0x2f, 0xd6, 0x01, 0x50,
+    0x4b, 0x05, 0x06, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x5a, 0x00, 0x00, 0x00, 0x55,
+    0x00, 0x00, 0x00, 0x00, 0x00,
+];
 
 use std::io::Cursor;
 use zip::result::ZipError;
@@ -44,23 +59,8 @@ fn encrypting_file() {
 #[test]
 fn encrypted_file() {
     use std::io::Read;
-    let zip_file_bytes = &mut Cursor::new(vec![
-        0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x54, 0xbd, 0xb5, 0x50, 0x2f,
-        0x20, 0x79, 0x55, 0x2f, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00,
-        0x74, 0x65, 0x73, 0x74, 0x2e, 0x74, 0x78, 0x74, 0xca, 0x2d, 0x1d, 0x27, 0x19, 0x19, 0x63,
-        0x43, 0x77, 0x9a, 0x71, 0x76, 0xc9, 0xec, 0xd1, 0x6f, 0xd9, 0xf5, 0x22, 0x67, 0xb3, 0x8f,
-        0x52, 0xb5, 0x41, 0xbc, 0x5c, 0x36, 0xf2, 0x1d, 0x84, 0xc3, 0xc0, 0x28, 0x3b, 0xfd, 0xe1,
-        0x70, 0xc2, 0xcc, 0x0c, 0x11, 0x0c, 0xc5, 0x95, 0x2f, 0xa4, 0x50, 0x4b, 0x01, 0x02, 0x3f,
-        0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x00, 0x54, 0xbd, 0xb5, 0x50, 0x2f, 0x20, 0x79, 0x55,
-        0x2f, 0x00, 0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x08, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x74, 0x65, 0x73, 0x74,
-        0x2e, 0x74, 0x78, 0x74, 0x0a, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x18,
-        0x00, 0x31, 0xb2, 0x3b, 0xbf, 0xb8, 0x2f, 0xd6, 0x01, 0x31, 0xb2, 0x3b, 0xbf, 0xb8, 0x2f,
-        0xd6, 0x01, 0xa8, 0xc4, 0x45, 0xbd, 0xb8, 0x2f, 0xd6, 0x01, 0x50, 0x4b, 0x05, 0x06, 0x00,
-        0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x5a, 0x00, 0x00, 0x00, 0x55, 0x00, 0x00, 0x00,
-        0x00, 0x00,
-    ]);
 
+    let zip_file_bytes = &mut Cursor::new(ZIP_CRYPTO_FILE);
     let mut archive = zip::ZipArchive::new(zip_file_bytes).unwrap();
 
     assert_eq!(archive.len(), 1); //Only one file inside archive: `test.txt`
@@ -102,3 +102,21 @@ fn encrypted_file() {
         assert_eq!(data, "abcdefghijklmnopqrstuvwxyz123456789".as_bytes());
     }
 }
+
+#[test]
+fn buffered_read() {
+    use std::io::{BufReader, Read};
+
+    // delibirately pick a buffer capacity in a way that when `ZipCryptoReaderValid` read happens, it's not going to take entire buffer,
+    // for this file it needs to be between 13..=46 bytes (with exception of 44 bytes)
+    let zip_file_bytes = &mut Cursor::new(ZIP_CRYPTO_FILE);
+    let buffered = BufReader::with_capacity(13, zip_file_bytes);
+    let mut archive = zip::ZipArchive::new(buffered).unwrap();
+
+    let mut file = archive.by_index_decrypt(0, b"test").unwrap();
+
+    // should not panic with `Custom { kind: Other, error: "Invalid checksum" }`
+    // or `Custom { kind: InvalidInput, error: "corrupt deflate stream" }`
+    let mut data = Vec::new();
+    file.read_to_end(&mut data).unwrap();
+}