Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2484213ybv; Sun, 9 Feb 2020 00:12:39 -0800 (PST) X-Google-Smtp-Source: APXvYqzl0Ip2FN+0aReunSunWAW7V+npm49IxQVQSm3rhDz2m8PLg/wwaAXUd3CfU5y7jYCTYV9h X-Received: by 2002:a05:6808:4c7:: with SMTP id a7mr7333238oie.83.1581235959451; Sun, 09 Feb 2020 00:12:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581235959; cv=none; d=google.com; s=arc-20160816; b=HP0wecCjB3YPSOk+1c4Qbm+fBmoMpMkG/xO6XakKoiPShxteUuIfT0d/XyKkIOWi0p VFkDss49BqLUihaxu4K9Y1OM2io4ORTZ9FuQ+iAIoECipZhAuLfsC7Nw/LKScZnXUq8V PteJ1Zqm/z+qY+o1ycEDEOcj1GhCn0TB+h1c1tmrt8fpvmpzn3x/aZYcFToat1DQdnQH 7+v7xsPOpTOFpjV6QaMLC0e/OCMb0bhkxuqMjEmbScUuZHG4LFF+GEqlvDRFH2/aUHuN FAxeIdtih78GnI+RSH31H3BPGg/kBlWgwGhFjb3nqwVY51l0dK8qbZpAD7/6DV92br7n N5YA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=kcXc8Nc9KBoeoKUcsLWvAWNOC+kSckSzv0zdmuBDQ98=; b=UckfQzEjeKiRLOgY9UydvtblkJiXiJRBfJtbA5HMqT/Nu0vAOrmvh8wDZMPiEsLuIb uFhKIkZu6Haqc7Zv5Is52xzftVB+V7enybDlx0yvwvTuYjU+3NFgRRTJQBnduqCU6rUv oQ2XDcLwgO1dZM22qpXNYEDKnZQ66M7S0Cab9vIpH1zvqApLjWpQrHABBrYMNEP11NNR /MeZZyVQOa8wh5zFYSr+PVZ0yaEiCrRVLSfXRvasPrROIMqn0ICv+RfxBBovzh+HmPql g2J22Etsz9KwitQyIHPozsdFRlkufd02JnwvhdMPrlFJu4JGfev6RoejSuGr/T7vXbif FPDg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=gHSZGZ7I; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o6si6364024oie.193.2020.02.09.00.12.27; Sun, 09 Feb 2020 00:12:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=gHSZGZ7I; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726005AbgBIIKJ (ORCPT + 99 others); Sun, 9 Feb 2020 03:10:09 -0500 Received: from mail-vk1-f178.google.com ([209.85.221.178]:35210 "EHLO mail-vk1-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725900AbgBIIKJ (ORCPT ); Sun, 9 Feb 2020 03:10:09 -0500 Received: by mail-vk1-f178.google.com with SMTP id o187so977040vka.2 for ; Sun, 09 Feb 2020 00:10:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=benyossef-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kcXc8Nc9KBoeoKUcsLWvAWNOC+kSckSzv0zdmuBDQ98=; b=gHSZGZ7IIDQ6jG5R85YM6323HzHa5ScUfzn4Amb0mIwvHEgmJqwmmUo2WnaFEsTr3p HaNGE+6qzONbm6kS+YKqueu0Woi1lwDVT+Nsp8+6gEhEwauKq6Z7QMmff8/6vhgiuFkE 5G998Mx8yp07eTwC8DbSkl7h0L17zbi5xGy2QDJri1Uuk4x3/j8DASHTeXp0pie1Fss6 vwHprHjFErWqxfF6GDumcFdiKYeKokEvKSriBFn1hx8Um8qmpryTitOUCk/KIadLyUL+ hnVHvUN/g80zOQWc21/AbKmEab+AfJJtp1H9xwPJ5prkye3bQHc9bSKiW1W/aPGNziDh ZAYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kcXc8Nc9KBoeoKUcsLWvAWNOC+kSckSzv0zdmuBDQ98=; b=qUkzRP5/WSrQDb0yZkCDwx+CXRA8bELP8UirI2ydTKi5QzU42lP6RIp/2fCAAYy2RP YB2sOtU+zBSswmqjIReeLQU4x4cxMsizOJaH1YLQ+ZU73Jcby9jPu08jrN5aKW2MT04t ZqxqHRKl9E+NTeXWoil231eqAioaoqTcev6vuXy1mXqDxOYZAP9jWz+KoIXhBGbB3UeP iodtEs4fPXpfnGXOL4ssMPVqXbiK+SGw21zdrDQ+ZFnm1tmGRALcneg3fC85ORDmv0nn xxRHtWwVKtkT2jvKpkj//77ZcU+cFbAc2mhnmsoxGfufPBxe4QO2tkV1DICCC0+NUcez kMXA== X-Gm-Message-State: APjAAAVW9YGWnUDysqihlXG0hcvogfiBaDevngK+s6RgdgpVXV//7mfc LoLLZvwCHU12W1MFTVGPN1lMk+aiKz0luMR0GaG9RQ== X-Received: by 2002:a1f:7cc2:: with SMTP id x185mr3522854vkc.1.1581235807823; Sun, 09 Feb 2020 00:10:07 -0800 (PST) MIME-Version: 1.0 References: <20200207072709.GB8284@sol.localdomain> <70156395ce424f41949feb13fd9f978b@MN2PR20MB2973.namprd20.prod.outlook.com> In-Reply-To: From: Gilad Ben-Yossef Date: Sun, 9 Feb 2020 10:09:53 +0200 Message-ID: Subject: Re: Possible issue with new inauthentic AEAD in extended crypto tests To: "Van Leeuwen, Pascal" Cc: Stephan Mueller , Eric Biggers , Herbert Xu , Linux Crypto Mailing List , Geert Uytterhoeven , David Miller , Ofir Drang Content-Type: text/plain; charset="UTF-8" Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Feb 7, 2020 at 4:07 PM Van Leeuwen, Pascal wrote: > The "problem" Gilad was referring to is that the _explicit_ part of the IV appears to be > available from both req->iv and from the AAD scatterbuffer. Which one should you use? > API wise I would assume req->iv but from a (our) hardware perspective, it would > be more efficient to extract it from the datastream. But is it allowed to assume > there is a valid IV stored there? (which implies that it has to match req->iv, > otherwise behaviour would deviate from implementations using that) > No, it isn't. The problem that I was referring to was that part of our test suites passes different values in req->iv and as part of the AAD, in contrast to what we document as the API requirements in the include file, my understanding of the relevant standard and the single users of this API in the kernel and that the driver I'm maintaining fails these tests, I'm all fine with getting my hands dirty and fixing the driver, I'm just suspect fixing a driver to pass a test that misuses the API may not actually improve the quality of the driver. Gilad