Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp349665pxj; Fri, 7 May 2021 09:59:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJybd8Tg1fuU+y1Y9RE5mIbXfWGzijaVbb2SaP+mYIsI8zrbwLjLXPMHDFwa+3MCQIAYtV2q X-Received: by 2002:a63:1109:: with SMTP id g9mr11173217pgl.88.1620406744459; Fri, 07 May 2021 09:59:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620406744; cv=none; d=google.com; s=arc-20160816; b=bf+xIyPsH9wc4+yL6qcH7tGSxyk0Ni8dzDxicORrGsYPhoOWdQ5TOloimbWSn0Uk4U gQPoHxLRSmytOKvdutTEWMsMhkWDXfRblpDXrTFrlIDEdvxz8lgwWa3ZF56R013ee8PZ Bd7goCFn1IBZ0SJ2Cd370nIejdpKFROsvUEbxWExmfVIBc6sz+LI3vL2meUnvZTTeRtd QOu0obyJ6OjcD1mhxOGL2idmD43/Ezx2+FEITnXOhdBCvJP2e431Mi4iL9QqCINxwkNu FL7LTJbDTbfHFb9p55V2kzXwPHBjBnxy02fmWYfEI8hUs47jSPD+3PE/FUAZDYde4Uvp cbag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=sqrFWO6xme0JIYPb3gXMNn77yYlPuy3wGhEbm2jPVuA=; b=k4UQ3+lza/U5H7wVEeEg8pLq1bwQ8j18VnNtXOsF1kSFVT8sG8QsgRT3xx1HbiT7Gl 5zEoEp5DGUmlnhr/DmWjrNDjCQp/8QDTXIqzbpEaGuEE2xHz+UWqmU2jfyBrSAZ1chJ4 FuBRF5bM1S9rTkecB7Ya5NRYiwUSfaqPG2KIyURUKGx/8j0TngRl+DoWyF7LF7GMt8c0 5arvPTCLOFe+SanCUEuOhSRbxsb6ezWT2o3v5IBxNUq+tjKoIH7vr7H6t1RX9KJgbVHk ITSQD23Z6vUT0hX0x+tYhI3be4yyFeNWOc3BZv8I8pOXud797R6TMy8QOWJWSRr0Ioxh 4dDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Q1SrFoOM; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j9si8035670pgq.51.2021.05.07.09.58.42; Fri, 07 May 2021 09:59:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=Q1SrFoOM; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236446AbhEGNDX (ORCPT + 99 others); Fri, 7 May 2021 09:03:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37254 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235836AbhEGNDW (ORCPT ); Fri, 7 May 2021 09:03:22 -0400 Received: from mail-qv1-xf2a.google.com (mail-qv1-xf2a.google.com [IPv6:2607:f8b0:4864:20::f2a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DAA4DC061574 for ; Fri, 7 May 2021 06:02:22 -0700 (PDT) Received: by mail-qv1-xf2a.google.com with SMTP id dl3so4732632qvb.3 for ; Fri, 07 May 2021 06:02:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=sqrFWO6xme0JIYPb3gXMNn77yYlPuy3wGhEbm2jPVuA=; b=Q1SrFoOMoPEjGgkZvy3AufZF1psxVG4y7iJ6gq0sbbCxUgxjl1s1GjAop3S9TLRcry UEF6KxpOsOhqtX0Xmq+kiNyMkcJDmyXfbG43PPtKCVV3plsDdSNHdq7Upwta5PadPBNA xtwbg7pY6s7m2QikOBjmnVJZTgo86iGJuQ0ipz2iRazuMRH+n0510/DoOjkVA1BQayff tWlqY9XNRNnEYGr5x5o/zHrr+0zH4O5TRlOXRvQTVMU1PBpk/F4+hjlEKzoZbIbNtQcQ cJhd0CDY6LHp/lSyjV3ILdL2d7jTkJMYulmkbv/qKu8Za1Q42TSIWPyupNYJwRP8ePgW kVSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=sqrFWO6xme0JIYPb3gXMNn77yYlPuy3wGhEbm2jPVuA=; b=DrYlTeIn9jZfZjX4a9EOOJgpcbzelv7q+rV0qYVuiPR30o1AU6qPuS70iSZ8YVi6qm o5prb9kcPZPHqtHiLp99KrLiwtrUl7pdA+BcXG70nQ0ClymS/muPj7ZPdFmeLJIKJRrA fGL9KGje4SzBcAonKURj01P9FJx6Ey7ooTWGcIrm8UbLbm0WGDcU1sqTjmU6k+E5OTAd 2loaBPiuOrMGCvn+MOfcVYz5X8y45kyCtuvN3apSC043NU3UkdBv/Oy64OdAoXrc3uEW aa/S3d15BsyXdnihsv2Vheh1R1GZTr7edGMbrBmcuLPyIsHnqiG8TOCXF7OGkuXiM1t3 a5pw== X-Gm-Message-State: AOAM533yq7lmfNoD5ZARGnyNMe8Xx5kUHDsFFqtpS6r1oejHlA4zAh4m VncoKjWcrXoPpAJtqNwtmWHAyHmk71cQsKsoYJjosD32 X-Received: by 2002:a05:6214:a62:: with SMTP id ef2mr9782998qvb.31.1620392541997; Fri, 07 May 2021 06:02:21 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Kestrel seventyfour Date: Fri, 7 May 2021 15:02:11 +0200 Message-ID: Subject: Fwd: xts.c and block size inkonsistency? cannot pass generic driver comparision tests To: linux-crypto@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Eric, I agree, that it can't be built on top of the kernels CBC. But in the hardware CBC, e.g. for encryption I set the IV (encrypted tweak), set the hardwares aes mode to CBC and start the encrypt of a 16 byte block, then do an additional xor after that -> result of that full block is the same as XTS. Then I gfmul the tweak and repeat the previous starting with setting the tweak as iv. Doing that is much faster and much more efficient than using the kernels xts on top of ecb(aes). But it introduces the problem that I have somehow to handle the CTS after my walk loop that just processes full blocks or multiples of that. And I am trying to figure out, what the best way is to do that with the least amount of code in my driver. I cannot set blocksize to 1, because then the block size comparison to generic xts fails and If I set the walksize to 1, I get the alignment and split errors and would have to handle the splits and missalignments manually. So actually I need a combination of what the walk does (handle alignment and splits) plus getting the last complete and incomplete block after walk_skcipher_done returns -EINVAL. At least thats my current idea. I could just copy most of the code from xts, but there is a lot of stuff, that is not needed, if I combine the hardware CBC and xor to be XEX (XTS without the cipher text stealing). Thanks. Am Fr., 7. Mai 2021 um 08:56 Uhr schrieb Eric Biggers : > > On Fri, May 07, 2021 at 07:57:01AM +0200, Kestrel seventyfour wrote: > > Hi, > > > > I have also added xts aes on combining the old hardware cbc algorithm > > with an additional xor and the gfmul tweak handling. However, I > > struggle to pass the comparision tests to the generic xts > > implementation. > > XTS can't be built on top of CBC, unless you only do 1 block at a time. > > It can be built on top of ECB, which is what the template already does. > > Before getting too far into your questions, are you sure that what you're trying > to do actually makes sense? > > - Eric