Intel(R) Intelligent Storage Acceleration Library Crypto Version
================================================================

![Continuous Integration](https://github.com/intel/isa-l_crypto/actions/workflows/ci.yml/badge.svg)
[![Coverity Status](https://scan.coverity.com/projects/29481/badge.svg)](https://scan.coverity.com/projects/intel-isa-l-crypto)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/intel/isa-l_crypto/badge)](https://securityscorecards.dev/viewer/?uri=github.com/intel/isa-l_crypto)

ISA-L_crypto is a collection of optimized low-level functions targeting storage
applications.  ISA-L_crypto includes:

* Multi-buffer hashes - run multiple hash jobs together on one core for much
  better throughput than single-buffer versions.
  - SHA1, SHA256, SHA512, MD5, SM3

* Multi-hash - Get the performance of multi-buffer hashing with a single-buffer
  interface. Specification ref: [Multi-Hash white paper](https://raw.githubusercontent.com/wiki/intel/isa-l_crypto/pdf/multi-hash-paper.pdf)

* Multi-hash + murmur - run both together.

* AES - block ciphers
  - XTS, GCM, CBC

* Rolling hash - Hash input in a window which moves through the input

Also see:
* [ISA-L_crypto for updates](https://github.com/intel/isa-l_crypto).
* For non-crypto ISA-L see [isa-l on github](https://github.com/intel/isa-l).
* The [github wiki](https://github.com/intel/isa-l/wiki) covering isa-l and
  isa-l crypto.
* [Contributing](CONTRIBUTING.md).
* [Security Policy](SECURITY.md).
* [FIPS Mode](FIPS.md).

Building ISA-L
--------------

### Prerequisites

x86_64:
* Assembler: nasm v2.14.01 or later
* Compiler: gcc, clang, icc or MSVC (Visual Studio 2019 or later).
* Make: GNU 'make' or 'nmake' (Windows).
* Optional: Building with autotools requires autoconf/automake packages.

aarch64:
* Assembler: gas v2.34 or later.
* Compiler: gcc v8 or later.
* For gas v2.24~v2.34, sve2 instructions are not supported. To work around this, the sve2 optimization should be disabled by
    * `./configure --disable-sve2`
    * `make -f Makefile.unx DEFINES+=-DNO_SVE2=1`

### Autotools
To build and install the library with autotools it is usually sufficient to run:

    ./autogen.sh
    ./configure
    make
    sudo make install

### Makefile
To use a standard makefile run:

    make -f Makefile.unx

### Windows
On Windows use nmake to build the DLL and static lib:

    nmake -f Makefile.nmake

### Other make targets
Other targets include:
* `make check` : create and run tests
* `make tests` : create additional unit tests
* `make perfs` : create included performance tests
* `make ex`    : build examples
* `make doc`   : build API manual

Algorithm recommendations
-------------------------

The legacy or to-be-avoided algorithms listed in the table below are implemented
in the library in order to support legacy applications. Please use the corresponding
alternative algorithms instead.
```
+----------------------------------------------------+
| # | Algorithm      | Recommendation | Alternative  |
|---+----------------+----------------+--------------|
| 1 | MD5 integrity  | Legacy         | SHA256       |
|---+----------------+----------------+--------------|
| 2 | SHA1 integrity | Avoid          | SHA256       |
+----------------------------------------------------+
```
The Intel(R) Intelligent Storage Acceleration for Crypto Library depends on the C library, and
it is recommended to use its latest version.

Applications using the Intel(R) Intelligent Storage Acceleration for Crypto Library rely on
the Operating System to provide process isolation.
As a result, it is recommended to use the latest Operating System patches and
security updates.

DLL Injection Attack
--------------------

### Problem

The Windows OS has an insecure predefined search order and set of defaults when trying to locate a resource. If the resource location is not specified by the software, an attacker need only place a malicious version in one of the locations Windows will search, and it will be loaded instead. Although this weakness can occur with any resource, it is especially common with DLL files.

### Solutions

Applications using the libisal_crypto DLL may need to apply one of the following solutions to prevent DLL injection attacks.

Two solutions are available:
- Using a Fully Qualified Path is the most secure way to load a DLL
- Signature verification of the DLL

### Resources and Solution Details

- Security remarks section of LoadLibraryEx documentation by Microsoft: <https://docs.microsoft.com/en-us/windows/win32/api/libloaderapi/nf-libloaderapi-loadlibraryexa#security-remarks>
- Microsoft Dynamic Link Library Security article: <https://docs.microsoft.com/en-us/windows/win32/dlls/dynamic-link-library-security>
- Hijack Execution Flow: DLL Search Order Hijacking: <https://attack.mitre.org/techniques/T1574/001>
- Hijack Execution Flow: DLL Side-Loading: <https://attack.mitre.org/techniques/T1574/002>