Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp565809yba; Wed, 15 May 2019 06:17:51 -0700 (PDT) X-Google-Smtp-Source: APXvYqzJBuYTPOm/1hQm3SdceFD/0t6rzwvR8dXyQd3ut1Un1+wbvdsaluMUGaCu7zSdZJu2xCXf X-Received: by 2002:a63:5c25:: with SMTP id q37mr45116248pgb.263.1557926271706; Wed, 15 May 2019 06:17:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557926271; cv=none; d=google.com; s=arc-20160816; b=apFTn4Vo0VHnvFWn5TeMQgqWz3xwqV71wV7xSQMUOsPQD1obFYHFRPhbenN4kECYEq yOhC53mFCfxmxwY1FZIeXVl69LnU9SdOy69RdhKK3hBGNIUTHyLhLuRHXdQ1UKJq2lDe vul/vTzuiz4UImXuPjczkOGntAoet6He2uLMdpWQ0/e/D5R50B3Z7gNjtkg7+mke0OAe fe58JR0p4gMaPgogLoT/aYIIVN5RzmQRyixeHIgJekhrMnnC5zLB/zCjuG1xlaNGO4KT X+TIWvq0cm6qItxWscPX6w5vnkne9IXdOrl2VLnRv6zypNmU2wSJagQTDqy9BlT+WJCe LCaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=HW2O4QMC+jQXSo/k3GWLfGlycWXAm73s2xUMXkOH4HQ=; b=QZ+FKz0ascYxgr33yqg8wt/TLJUtwall6PAYqjbeq9HOtQndp0iP37eZIZiUgMPnHz TPw8N2/9a7LXrjVpksmRvZTg8iHsdr6zMjusTbPdXvBUxZVZYci2o46szPe0swTgzZBs LCF7LPek+oV5cG2NCPBdv1KyF5WXCnMKWQ4PY1YGdo/EP124oF8PqE+al/1mPP1NEAVF 8/AVpWvBOF0F5F7ICJBJYBogr1TJHkbjuQMtp0BZGGFk96PC1oY5+17+13/d//foltHs 0yK5zYVINDQSzpz3Nr0KOvE2sBpBvSlMXGSt9jQ6T6LaWxI9acsNqPIXdCLWOafeUfWo fYiQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ne24CFod; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v23si1781378pgi.527.2019.05.15.06.17.37; Wed, 15 May 2019 06:17:51 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ne24CFod; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726875AbfEONRX (ORCPT + 99 others); Wed, 15 May 2019 09:17:23 -0400 Received: from mail-lf1-f44.google.com ([209.85.167.44]:43346 "EHLO mail-lf1-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726752AbfEONRX (ORCPT ); Wed, 15 May 2019 09:17:23 -0400 Received: by mail-lf1-f44.google.com with SMTP id u27so1957617lfg.10 for ; Wed, 15 May 2019 06:17:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=HW2O4QMC+jQXSo/k3GWLfGlycWXAm73s2xUMXkOH4HQ=; b=ne24CFodzNkiUMhgPpVZxMhXeK7CPFzlLAzlUTuMHqq5TFjRYWdIODE8bH6MkWIn4F y3DK1Xmpr1TUmIJVQh+qA+hqzXyjXbULjg4UiJk68RQnlMkmwzYj9k3XWj9xGJ8xEb2D /prmPAuJIB/pmnpfgjVIMwQvS04fIp0cOMSQXFYU7pTpNDhDjqP/0VYwlamO+qN/9ZO4 7izeVA6JsP+7p5KsV/kighL+jbDW+ma1PXxtlgNJByoR+ZpwWFfSfxem0zj9e+adIAaD grXKFa4fMijdslugGaY/SmYBqmNxjQJ6O8fVW9kyhORAMSYJvfvTIqD+hLeutP1H9tLU gG/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=HW2O4QMC+jQXSo/k3GWLfGlycWXAm73s2xUMXkOH4HQ=; b=WN5WOvzxLVma2dlrOMW3PCwpolWuhd/nwvABlR8PxRQa7irMY2vOf6Fs6jqV/AWBtD A4uOZyaEtvy9c0GxN4lE6yohNB3QaOf6Nj0yDSMhIn11H2AfOcW+CxlWp+kwOe9EUpYj z6b9cM5NOz3Eo79ZMYNpRbfiu88Mo9iRYcB5vemPBl3pl4n6SvYtt4ou6kNdUMvtrCZV OfLBmum+UyZQe2TMT7+YPuDIXvn9M/T2htdk+o6+AYnP5CXXUvTS0jrz8cDmdpOaw6kV TOoLvWMAgSsGVV33IwkB17LyJcsYUu2/dSIbXxh/JnUZAxZaXRHrjNGnsMaer4tgpcaR tKvQ== X-Gm-Message-State: APjAAAXVGbPwxedqi8WWJv+KwhyWJX3E0qL+cpG+sytaeWMASTxc1/gl vHdRJ6LkEeH8BvxsQpHHmFu8kHV+bd7vZp3/1s4= X-Received: by 2002:a19:c746:: with SMTP id x67mr19920906lff.152.1557926241426; Wed, 15 May 2019 06:17:21 -0700 (PDT) MIME-Version: 1.0 References: <20190515130746.cvhkxxffrmmynfq3@pengutronix.de> In-Reply-To: <20190515130746.cvhkxxffrmmynfq3@pengutronix.de> From: Fabio Estevam Date: Wed, 15 May 2019 10:17:19 -0300 Message-ID: Subject: Re: ctr(aes) broken in CAAM driver To: Sascha Hauer Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , =?UTF-8?Q?Horia_Geant=C4=83?= , Sascha Hauer Content-Type: text/plain; charset="UTF-8" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Sascha, On Wed, May 15, 2019 at 10:09 AM Sascha Hauer wrote: > > Hi, > > ctr(aes) is broken in current kernel (v5.1+). It may have been broken > for longer, but the crypto tests now check for a correct output IV. The > testmgr answers with: > > alg: skcipher: ctr-aes-caam encryption test failed (wrong output IV) on test vector 0, cfg="in-place" > > output IV is this, which is the last 16 bytes of the encrypted message: > 00000000: 1e 03 1d da 2f be 03 d1 79 21 70 a0 f3 00 9c ee > > It should look like this instead, which is input IV + 4: > 00000000: f0 f1 f2 f3 f4 f5 f6 f7 f8 f9 fa fb fc fd ff 03 > > I have no idea how to fix this as I don't know how to get the output IV > back from the CAAM. Any ideas? Is this problem similar to this one? https://www.mail-archive.com/linux-crypto@vger.kernel.org/msg37512.html