================================================================================
v2.25 Intel Intelligent Storage Acceleration Library Crypto Release Notes
================================================================================

================================================================================
RELEASE NOTE CONTENTS
================================================================================
1. KNOWN ISSUES
2. FIXED ISSUES
3. CHANGE LOG & FEATURES ADDED

================================================================================
1. KNOWN ISSUES
================================================================================

* Perf tests do not run in Windows environment.

* 32-bit lib is not supported in Windows.

* 32-bit lib is not validated.

================================================================================
2. FIXED ISSUES
================================================================================
v2.25

* Fixed build with gcc 11.1.

* Fixed SHA512 internal reference function parameters.

* Fixed SM3 lane handling for aarch64.

* Replaced non-VEX encoded with VEX-encoded instructions in AES-XTS implementation.

* Fixed clang compilation with older assemblers.

* Fixed SHA512 calculation error on aarch64.

* Fixed MD5/SHA1/SHA256/SHA512 base functions for small inputs (less than block size).

* Fixed AES-XTS OpenSSL calls, limiting the input size, as per restrictions in 3.0 version.

* Fixed Windows build on test applications.

* Fixed SHA1 context structure to force alignment for lengths array.

v2.21

* Put correct vec instruction versions in aes_cbc_enc_{128,192,256}(). May help
  performance on some systems.

v2.20

* Fix issue with new aes_gcm API, aes_gcm_pre_256 was incorrect.

* Multi-buffer hash max length extended. Previous max length for
  {sha1,sha256,sha512,md5}_mb was 4095MB. While there is still a 4GB limit for
  each submit, the total hashed length can now be larger than 4GB.

v2.18

* Fix for multi-buffer hash when total length is above 512MB.

v2.14

* Building in unit directories is no longer supported, removing the issue of
  leftover object files causing the top-level make build to fail.

v2.9

* Multi-buffer MD5 AVX2 tests fixed to work on FreeBSD 9.1 by explicitly aligning
  structures.

v2.7

* Unit tests and examples are now supported in Windows environment.


================================================================================
3. CHANGE LOG & FEATURES ADDED
================================================================================
v2.25

* Added new API including parameter checking (starting with isal_ prefix).

* Added new API returning the library version.

* Added FIPS mode, including self tests in NIST approved algorithms (more information in https://github.com/intel/isa-l_crypto/blob/master/FIPS.md).

* Deprecated previous API in favour of new API (more information in https://github.com/intel/isa-l_crypto/wiki/New-API-introduced-from-v2.25).

* Optimized AES-GCM for AVX512-VAES x86 implementation.

* Optimized SM3 for AVX512 x86 implementation.

* Optimized MD5 and SM3 for aarch64.

* New optimized version of AES-CBC and AES-XTS for aarch64.

* Optimized multi-hash SHA1-Murmur for aarch64.

* Optimized multi-hash SHA1 for aarch64.

* Added ACVP test applications for AES-CBC, AES-GCM, AES-XTS and SHA1/256/512.

* Removed YASM support, so only NASM assembler is supported for x86.

* Bumped minimum NASM version to 2.14.01, which supports all x86 ISA used in this library.

v2.24

* New optimized version of AES-CBC decode

* New AVX2, 8 lane version of multi-buffer SM3

* Added support for big-endian architectures

v2.23

* New optimized versions of block ciphers AES-GCM and AES-XTS.

* New optimized versions of multi-buffer SM3 hashing. Removed experimental
  status.

v2.22

* New multi-buffer SM3 functions. Experimental base functions only.

* New multi-arch support.

v2.21

* Multi-buffer hash performance improvement for Intel(R) Atom(tm) processors.
  New by-2 shani versions for multi-buffer sha1 & sha256.

* New base functions for multi-buffer hashes.
  md5_mb, sha1_mb, sha256_mb, sha512_mb.

v2.20

* New functions
  - Non-temporal versions of aes_gcm added.

* Multi-buffer hash improvement
  - Increase max length of hash in {sha1,sha256,sha512,md5}_mb to > 4GB.

v2.19

* Multi-buffer hash (sha1_mb, sha256_mb)

  - Choose fast single buffer routine to do flush operation if lanes aren't full.

  - Add SHA-NI support for Goldmont and Cannonlake.

* AES-GCM interface updates.

  - New interface separates the expanded keys and other context into two
    structures. The old interface is maintained for backward compatibility.

  - User no longer has to append the GCM_IV_END_MARK manually to the end of iv
    as this is now done automatically. This update should also improve performance
    of small packets.

* Rolling hash is released.

v2.18

* New multi-hash SHA256-based version.

v2.16

* Split lib from non-crypto functions.

v2.15

* Multi-buffer hash updates. New AVX512 versions for multi-buffer SHA1, SHA256,
  SHA512, MD5 and SHA1+murmur3_x64_128 stitched.

* Removes restrictions on AAD length in AES-GCM. Previously AAD length was
  limited to a multiple of 4 bytes. Now any AAD length is allowed.

* Nasm support. ISA-L ported to build with nasm or yasm assembler.

* Windows DLL support. Windows builds DLL by default.

* The older, deprecated multi-buffer API has been removed.

v2.14

* New multi-hash sha1 function and multi-hash sha1 + murmur3_x64_128 stitched.
  Multi-hash is designed to give the performance of multi-buffer cryptographic
  hashes with a synchronous single buffer interface.

* New AES-GCM and AES-CBC functions added.

* Autoconf and autotools build allows easier porting to additional systems.
  Previous make system still available to embedded users with Makefile.unx.

* The AES key expand functions that were used for AES-XTS with pre-expanded keys
  now expand the decrypt keys in a different order. The order that decrypt keys
  are stored and used by XTS_AES_128_dec_expanded_key() is reversed from
  previous versions to be compatible with CBC and GCM key expansion. The
  aes_keyexp_*() and XTS_AES_128_dec_expanded_key() functions should work the
  same when paired together.

* Includes update for building on Mac OS X/darwin systems. Add --target=darwin
  to ./configure step.

v2.10

* Added multi-buffer MD5 in the new hash API. Includes multi-binary capability,
  no restriction on update length and other benefits of the CTX API.

v2.9

* New multi-buffer hash API. The new API brings the following new features to
  multi-buffer hashes. The older API is still included but may be deprecated in
  future releases.

  - Multibinary functionality. Call one function and the appropriate
    architecture-specific version is fixed up at runtime.

  - No restriction on update length. Submitting an update block no longer has
    to have length a multiple of the fundamental block size.

* New expanded key tests added for AES-XTS 128 and 256

v2.7

* New AVX2 versions for mb_md5 and mb_sha512 hashing code have been added.

v2.6

* Update buffer functionality added to mb_md5, mb_sha256 and mb_sha512 hashing
  code. Requires API changes to current interface to specify job type and total
  length of hash.

* New AVX2 versions for mb_sha1 and mb_sha256 hashing code have been added.

v2.5

* New feature for multi-buffer SHA-1, update buffer. mb_sha1 non-finalize jobs
  can now be submitted by setting flags in job structure. Requires API changes
  to current interface to specify job type and total length of hash.

v2.4

* Added new multi-buffer SHA-512: mb_sha512. SSE, AVX versions.

v2.3

* Added improved AES XTS versions.

v2.2

* Added new AVX versions of multi-buffer hashes
* Changed type in the interface struct for multi-buffer hashes:
  the len field in the following structures: JOB_SHA1, JOB_MD5,
  JOB_SHA256 is now a 32-bit int.

v2.0

* Added AES XTS units aes_xts_128, aes_xts_256

v1.3

* Added new multi-buffer units for SHA-256 and MD5: mb_sha256, mb_md5.