Drammen Spiral

@tkanteck tkanteck released this 27 Sep 08:43
· 794 commits to main since this release

NIST CAVP for v1.3: Cryptographic Algorithm Validation Program CAVP Intel® Multi-Buffer Crypto for IPSec

Full Changelog: v1.2...v1.3

Library

  • ZUC-EIA3-256 8-byte and 16-byte tag support added for SSE, AVX, AVX2 and AVX512
  • AES-ECB AVX512-VAES implementation added
  • AES-ECB optimizations for AVX and SSE
  • AES-ECB AVX2-VAES implementation added
  • JOB API GHASH support added
  • SHA1/224/256/384/512 multi-buffer implementation added
  • Multi-buffer SHA1, SHA224 and SHA256 use SHANI if available
  • Synchronous cipher and hash burst API added
    • cipher API only supports AES-CBC and AES-CTR
    • hash API only supports HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512
  • Asynchronous burst API added that supports all cipher and hash modes
  • SNOW3G-UEA2 SSE multi-buffer implementation added
  • SNOW3G-UIA2 SSE multi-buffer initialization and key-stream generation added
  • SNOW3G-UEA2 and SNOW3G-UIA2 SSE implementation used in JOB API for AVX and AVX2 architectures
  • API documentation added (doxygen generated)
  • New SGL job API (AES-GCM and CHACHA20-POLY1305 only)
  • Enforced EVEX PMADD52 encoding in AVX512 code
  • Restructured reset flow of architecture managers
  • SSE, AVX, AVX2 and AVX512 managers were split to better cover different types
  • Added library self-test functionality
  • endbranch64 not emitted on Windows builds (CET related)
  • Use SHANI extensions in AVX2 type-2 and AVX type-2 for SHA224, HMAC-SHA224, SHA256 and HMAC-SHA256
  • Use SHANI extensions in AVX type-2 for SHA1 and HMAC-SHA1
  • no-GFNI option added to help with testing

Test Applications

  • GHASH JOB API support added in the test application, fuzzing and xvalid tools
  • Burst API support added for supported algorithms
  • ACVP test application extended to support: AES-GCM, AES-GMAC, AES-CCM,
    AES-CBC, AES-CTR, AES-CMAC, SHA1, SHA224, SHA256, SHA384, SHA512, HMAC-SHA1,
    HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, HMAC-SHA512
  • Cross validation (xvalid) tool improvements in pattern search functionality
  • FreeBSD added to github CI
  • Added AVX-SSE transition check to the cross validation tool (xvalid)
  • Wycheproof AES-GCM, AES-CCM, CHACHA20-POLY1305, AES-CMAC, AES-GMAC, HMAC-SHA1,
    HMAC-SHA224, HMAC-SHA256, HMAC-SHA384 and HMAC-SHA512 test vectors added
    to a new test tool
  • no-GFNI option added

Performance Application

  • GHASH support added (through JOB and direct API)
  • CHACHA20-POLY1305 support through direct API
  • Support added for SHA1/224/256/384/512
  • Burst API support added for supported algorithms
  • SGL support added (AES-GCM and CHACHA20-POLY1305 only)
  • no-GFNI option added

Resolved Issues

  • Fixed 23-byte IV expansion for ZUC-256 (issue #102)
  • Fixed incorrect 8-buffer SNOW3G key-stream generation (issue #104)
  • Numerous AVX-SSE transition fixes with SAFE_OPTIONS=n
  • [ZUC-EIA3] allow unaligned digest load/stores
  • AES-CCM authentication flush may load out of scope data (issue #107)
  • AES-CMAC authentication flush may load out of scope data (similar to issue #107)