From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: linux-arm-kernel@lists.infradead.org, ebiggers@kernel.org, Ard Biesheuvel, Stephan Mueller
Subject: [RFC/RFT PATCH 0/2] crypto: add CTS output IVs for arm64 and testmgr
Date: Tue, 19 May 2020 21:02:09 +0200
Message-Id: <20200519190211.76855-1-ardb@kernel.org>

Stephan reports that the arm64 implementation of cts(cbc(aes)) deviates from
the generic implementation in what it returns as the output IV. So fix this,
and add some test vectors to catch other non-compliant implementations.

Stephan, could you provide a reference for the NIST validation tool and how
it flags this behaviour as non-compliant?

Thanks.

Cc: Stephan Mueller

Ard Biesheuvel (2):
  crypto: arm64/aes - align output IV with generic CBC-CTS driver
  crypto: testmgr - add output IVs for AES-CBC with ciphertext stealing

 arch/arm64/crypto/aes-modes.S |  2 ++
 crypto/testmgr.h              | 12 ++++++++++++
 2 files changed, 14 insertions(+)

-- 
2.20.1
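Added example, not part of Ard's message or of the kernel's cts.c: a CBC-CS3 encrypt that returns the output IV alongside the ciphertext, plus a testmgr-style check that a vector carrying an expected output IV rejects an implementation whose ciphertext is right but whose IV is not. It assumes the output IV convention is the last block the underlying CBC step produced (my reading of the generic driver, not stated in the message), and it uses a hash-based stand-in for AES so that it runs offline.

```python
import hashlib

BS = 16  # AES block size; the stand-in cipher below uses the same width


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for AES so the example runs offline: a keyed one-way map
    truncated to one block. It is NOT a cipher; only the CTS data flow,
    and hence where the output IV comes from, is being demonstrated."""
    assert len(block) == BS
    return hashlib.sha256(key + block).digest()[:BS]


def cbc_encrypt(key: bytes, iv: bytes, data: bytes):
    """Plain CBC over whole blocks. Returns (ciphertext, output IV); the
    output IV is the last ciphertext block, which is what a CBC driver
    leaves behind in the caller's IV buffer."""
    out, prev = bytearray(), iv
    for i in range(0, len(data), BS):
        prev = toy_block_encrypt(key, bytes(a ^ b for a, b in zip(prev, data[i:i + BS])))
        out += prev
    return bytes(out), prev


def cts_cbc_encrypt(key: bytes, iv: bytes, data: bytes):
    """CBC-CS3 as cts(cbc(...)) lays it out: CBC up to and including the
    second-to-last block, then the zero-padded final block is CBC-encrypted
    and swapped in front of the truncated second-to-last ciphertext block.
    The output IV is whatever that last CBC step produced (assumption about
    the generic driver's convention, see lead-in)."""
    n = len(data)
    if n < BS:
        raise ValueError("CTS needs at least one full block")
    if n == BS:
        return cbc_encrypt(key, iv, data)        # single block: plain CBC
    head_len = ((n - 1) // BS) * BS              # rounddown(n - 1, BS)
    head, chain_iv = cbc_encrypt(key, iv, data[:head_len])
    c_prev = head[-BS:]                          # C_{n-1}, the block stolen from
    tail = data[head_len:]                       # final (possibly partial) block
    c_last, iv_out = cbc_encrypt(key, chain_iv, tail + bytes(BS - len(tail)))
    return head[:-BS] + c_last + c_prev[:len(tail)], iv_out


def check_vector(key, iv, ptext, expected_ctext, expected_iv_out) -> bool:
    """testmgr-style check: a vector that also records the expected output
    IV fails an implementation that matches the ciphertext but not the IV."""
    ctext, iv_out = cts_cbc_encrypt(key, iv, ptext)
    return ctext == expected_ctext and iv_out == expected_iv_out
```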