Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp3752127ybk;
        Tue, 19 May 2020 12:05:16 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyB8G+OFY+Kt+BrkU9WWsECTbRHxdOXaa1mMzVOsBw34pbGcOORA+uAPIhZKZUMfSGKMmTC
X-Received: by 2002:a17:906:24d8:: with SMTP id f24mr580064ejb.215.1589915116485;
        Tue, 19 May 2020 12:05:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1589915116; cv=none;
        d=google.com; s=arc-20160816;
        b=TCaBqXNXoBOPwE2KpI5z9iReX4T9RN2B68wLuO+3/ZXlScStcdDMbPIN6bjCGHKiru
         GpJ6p7LzuPLdNi63C1NfDwInKOfhLoEFNDtUVLgygxAuyYRfy79GxJJgwqFssWKXQgBD
         vnRbkP3WTyDPUfWqoG4mCevV3g8/zg0NnpfMJC+b7cUfFKGwzl0gTmbP+IBGj0DkyEID
         CguY4jPSghBLRrqmW4Oo21akDMxd2boNZ/bHvdBGjEg5L6QZSRAmsafo3aqa5WEHOdRf
         DsVETiP7lwRNgJWSrBI2LXKbLM/8FMnHyl04uBMYeLzvSOh0JCdm4hhq1b8Vw6rrIAL0
         PfrQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature;
        bh=35Mfa+xyBPTMy5Qc45vZMg59p9JyusDFvJUNtZ+QtU0=;
        b=M3lW2P0GtLyEAsFloHtmeipfgoX+ixAThLc97mGnz91qePQVztLGTRn8yjRKoyj/Vf
         LhmUUVBGfcZv1UA32dNsr5m/5bfzcxHIMof8cSwMMjNR3T+6b/iJ6EbTuWvEZq0rXkkp
         kmgkn4ulmFu4V3Uzd3OMY0FYaDEwZpEQpjipFpLYv5TyIRSi+/mgxZ3i6STMa/DlQFOr
         tOg2cgcnln9o7Q3/S/0HW8qMV56tlleej2YN9HzMFkEztIlI3XlC2qkOa1lttIiVu9aH
         X2cI5pIWFnY8Y4ij5lrhixdeP4U5fVf+BR+AUdUoPZC4EBDrpcjlimEcZz6+sDzikpFj
         meNg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=ed4rYd06;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id h10si415719eja.307.2020.05.19.12.04.49;
        Tue, 19 May 2020 12:05:16 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=ed4rYd06;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727839AbgESTCR (ORCPT <rfc822;zhijun.chen.lk@gmail.com>
        + 99 others); Tue, 19 May 2020 15:02:17 -0400
Received: from mail.kernel.org ([198.145.29.99]:56034 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726059AbgESTCR (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Tue, 19 May 2020 15:02:17 -0400
Received: from localhost.localdomain (laubervilliers-657-1-83-120.w92-154.abo.wanadoo.fr [92.154.90.120])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 0E025207E8;
        Tue, 19 May 2020 19:02:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1589914937;
        bh=p2x2LclJ0xI5fOs4bKaK0KKKNU41HHkLK1/dnIsHhbo=;
        h=From:To:Cc:Subject:Date:From;
        b=ed4rYd06KgneWuTtKnnW/R+djaWb82I8QTBhJc0jZJlJ0rzytKbNy+1RtJlXBofD1
         4brbfdRk+QiBYQNEfFB8eZdX4hEzXS7eGt2YhLnfNCZkBWNU+kPSapCxJ5YW9kBvRu
         cR5tu2Ri5IFMPTwexevC84whByKeQ+IAON2s07GQ=
From:   Ard Biesheuvel <ardb@kernel.org>
To:     linux-crypto@vger.kernel.org
Cc:     linux-arm-kernel@lists.infradead.org, ebiggers@kernel.org,
        Ard Biesheuvel <ardb@kernel.org>,
        Stephan Mueller <smueller@chronox.de>
Subject: [RFC/RFT PATCH 0/2] crypto: add CTS output IVs for arm64 and testmgr
Date:   Tue, 19 May 2020 21:02:09 +0200
Message-Id: <20200519190211.76855-1-ardb@kernel.org>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

Stephan reports that the arm64 implementation of cts(cbc(aes)) deviates
from the generic implementation in what it returns as the output IV. So
fix this, and add some test vectors to catch other non-compliant
implementations.

Stephan, could you provide a reference for the NIST validation tool and
how it flags this behaviour as non-compliant? Thanks.

Cc: Stephan Mueller <smueller@chronox.de>

Ard Biesheuvel (2):
  crypto: arm64/aes - align output IV with generic CBC-CTS driver
  crypto: testmgr - add output IVs for AES-CBC with ciphertext stealing

 arch/arm64/crypto/aes-modes.S |  2 ++
 crypto/testmgr.h              | 12 ++++++++++++
 2 files changed, 14 insertions(+)

-- 
2.20.1