- Update to v2.0:
* YASM support removed.
* CMake: CET support added, man page installation fix, FreeBSD support added.
* Replaced Makefiles with CMake as default build system.
* Updated style check to clang-format version 18.
* AES-GCM: reduced binary size, small packet optimization, removed AVX512 type 1, improved AVX2 type 1, new AVX2 type 2 added.
* DES, 3DES/TDES and DES-DOCSIS: binary size reduction, reduced stack frame size, re-used common transpose macros.
* Fixed LFSR update in single buffer ZUC API implementation.
* SM4: added SM4-CTR and SM4-GCM SSE code, added AVX2-SM4-NI code for SM4-GCM, SM4-CTR, SM4-CBC and SM4-ECB.
* SHA2-512/384 & and HMAC-SHA2-512/384: added AVX2-SHA512-NI single-buffer and x2 multi-buffer code.
* SM3 and SM3-HMAC: added SM3-NI implementations.
* Added AES-CFB SSE type 1 and AVX512 type 2 implementations.
* Removed AESNI emulation support.
* Removed AVX Type 2 implementation.
* Removed AES-CMAC, AES-CCM, AES-CBC and AES-ECB x4 and by4 implementations from SSE type 1.
* Removed AVX type 1 implementations: SHA/MD5, CHACHA20-POLY1305, SNOW3G and KASUMI.
* Removed AVX architecture type.
* Changed SHA1 on AVX2 type 4 architecture to use multi-buffer implementation.
* Added check for XSAVE and OSXSAVE CPUID features for any AVX architecture type.
* Extended cipher burst API support with: AES-ECB, AES-CFB.
* Extended hash burst API support with: SHA1, SHA2-384/512, AES-CMAC.
* Added AEAD burst API with AES-CCM support.
* Added new API to retrieve optimal minimum burst size for hash, cipher and AEAD API's.
- Fixed issues:
* Version 1.5 fails to build on FreeBSD 13.2 (amd64) using CMake (issue #136)
* Make CMake builds behave more "normal" (issue #141)
* printf in lib code prevents using ipsec-mb in SGX environment (issue #142)
* EEA3(ZUC) 1 Buffer implementation LFSR update can result in invalid LFSR state, causing incorrect keystream generation (issue #144)
* Possible regression: init_mb_mgr_avx() corrupts state on Windows (issue #147)
* Crash seen on VMware with dpdk crypto using ipsec-mb library (issue #153)
OBS-URL: https://build.opensuse.org/request/show/1238292
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/intel-ipsec-mb?expand=0&rev=5
* YASM support removed.
* CMake: CET support added, man page installation fix, FreeBSD support added.
* Replaced Makefiles with CMake as default build system.
* Updated style check to clang-format version 18.
* AES-GCM: reduced binary size, small packet optimization, removed AVX512 type 1, improved AVX2 type 1, new AVX2 type 2 added.
* DES, 3DES/TDES and DES-DOCSIS: binary size reduction, reduced stack frame size, re-used common transpose macros.
* Fixed LFSR update in single buffer ZUC API implementation.
* SM4: added SM4-CTR and SM4-GCM SSE code, added AVX2-SM4-NI code for SM4-GCM, SM4-CTR, SM4-CBC and SM4-ECB.
* SHA2-512/384 & and HMAC-SHA2-512/384: added AVX2-SHA512-NI single-buffer and x2 multi-buffer code.
* SM3 and SM3-HMAC: added SM3-NI implementations.
* Added AES-CFB SSE type 1 and AVX512 type 2 implementations.
* Removed AESNI emulation support.
* Removed AVX Type 2 implementation.
* Removed AES-CMAC, AES-CCM, AES-CBC and AES-ECB x4 and by4 implementations from SSE type 1.
* Removed AVX type 1 implementations: SHA/MD5, CHACHA20-POLY1305, SNOW3G and KASUMI.
* Removed AVX architecture type.
* Changed SHA1 on AVX2 type 4 architecture to use multi-buffer implementation.
* Added check for XSAVE and OSXSAVE CPUID features for any AVX architecture type.
* Extended cipher burst API support with: AES-ECB, AES-CFB.
* Extended hash burst API support with: SHA1, SHA2-384/512, AES-CMAC.
* Added AEAD burst API with AES-CCM support.
* Added new API to retrieve optimal minimum burst size for hash, cipher and AEAD API's.
- Fixed issues:
* Version 1.5 fails to build on FreeBSD 13.2 (amd64) using CMake (issue #136)
* Make CMake builds behave more "normal" (issue #141)
* printf in lib code prevents using ipsec-mb in SGX environment (issue #142)
* EEA3(ZUC) 1 Buffer implementation LFSR update can result in invalid LFSR state, causing incorrect keystream generation (issue #144)
* Possible regression: init_mb_mgr_avx() corrupts state on Windows (issue #147)
* Crash seen on VMware with dpdk crypto using ipsec-mb library (issue #153)
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/intel-ipsec-mb?expand=0&rev=24
- Update to v1.5:
* CMake MinGW support added.
* QUIC CHACHA20-POLY1305 and CHACHA20 HP API added.
* AVX2-VAES AES-CTR and AES-GCM implementations added.
* SSE SM4-ECB and SM4-CBC implementations added.
* x86-64 SM3 and SM3-HMAC implementations added.
* Self-Test callback functionality added with message corrupt option.
* Implemented a workaround for false load-block condition in SSE AES-CBC implementations.
* Optimized CRC32 algorithms, AES-GCM AVX2 and AES-GCM AVX512 implementations.
* Updated ACVP app (imb-acvp) to support libacvp v2.0+.
* Test vector format standardized for various algorithms (CBC/CFB/CTR/ECB/DES/GCM/CCM/CHACHA20-POLY/SNOW3G/ZUC/KASUMI/SNOW-V).
* Extended xvalid app to test burst API.
* Burst API is used by default in imb-perf tool.
- Fixed issues:
* CMake files ignore LIB_INSTALL_DIR and incorrectly put the shared libraries in /usr/lib (issue #125)
* The CMakefile does not install the headers (normal Makefile does) (issue #126)
* File ./test/acvp-app/utils.o is not removed after "make clean" (issue #130)
* nasm can not find .inc .asm files when building with CMake (issue #131)
- More details at https://github.com/intel/intel-ipsec-mb/releases/tag/v1.5
OBS-URL: https://build.opensuse.org/request/show/1127317
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/intel-ipsec-mb?expand=0&rev=4
- Update to v1.4:
* POLY1305 AVX2 with AVX-IFMA instructions added.
* Optimized GHASH component in AVX512 VAES (type2) AES-GCM implementation.
* Implemented a workaround for false load-block condition in SSE and AVX2 AES-GCM implementations.
* Removed AVX AES-GCM implementation, its API symbols map to the SSE implementation.
* QUIC header protection API added.
* QUIC AES-GCM-128/256 AEAD API added.
* Removed v0.53 (and older) compatibility symbol mapping (NO_COMPAT_IMB_API_053 not defined).
* ZUC AVX2-GFNI implementation added.
* SHA-NI instructions enabled to use in SHA1/224/256 direct API
* New API (imb_set_session) added to be used with burst API, helping speeding up the crypto scheduling.
* New API added to calculate IPAD/OPAD for SHAx-HMAC.
* New direct API added to calculate DES-CFB and AES-CFB-256 on a single block.
- Fixed issues:
* MB_MGR corruption at initialization
* Performance scaling
- More details at https://github.com/intel/intel-ipsec-mb/releases/tag/v1.4
OBS-URL: https://build.opensuse.org/request/show/1103128
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/intel-ipsec-mb?expand=0&rev=3
* Optimized GHASH component in AVX512 VAES (type2) AES-GCM implementation.
* Implemented a workaround for false load-block condition in SSE and AVX2 AES-GCM implementations.
* Removed AVX AES-GCM implementation, its API symbols map to the SSE implementation.
* QUIC header protection API added.
* QUIC AES-GCM-128/256 AEAD API added.
* Removed v0.53 (and older) compatibility symbol mapping (NO_COMPAT_IMB_API_053 not defined).
* ZUC AVX2-GFNI implementation added.
* SHA-NI instructions enabled to use in SHA1/224/256 direct API
* New API (imb_set_session) added to be used with burst API, helping speeding up the crypto scheduling.
* New API added to calculate IPAD/OPAD for SHAx-HMAC.
* New direct API added to calculate DES-CFB and AES-CFB-256 on a single block.
- Fixed issues:
* MB_MGR corruption at initialization
* Performance scaling
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/intel-ipsec-mb?expand=0&rev=19
+ POLY1305 AVX2 with AVX-IFMA instructions added.
+ Optimized GHASH component in AVX512 VAES (type2) AES-GCM implementation.
+ Implemented a workaround for false load-block condition in SSE and AVX2 AES-GCM implementations.
+ Removed AVX AES-GCM implementation, its API symbols map to the SSE implementation.
+ QUIC header protection API added.
+ QUIC AES-GCM-128/256 AEAD API added.
+ Removed v0.53 (and older) compatibility symbol mapping (NO_COMPAT_IMB_API_053 not defined).
+ ZUC AVX2-GFNI implementation added.
+ SHA-NI instructions enabled to use in SHA1/224/256 direct API
+ New API (imb_set_session) added to be used with burst API, helping speeding up the crypto scheduling.
+ New API added to calculate IPAD/OPAD for SHAx-HMAC.
+ New direct API added to calculate DES-CFB and AES-CFB-256 on a single block.
+ Fixed issues:
++ MB_MGR corruption at initialization
++ performance scaling
- More details at https://github.com/intel/intel-ipsec-mb/releases/tag/v1.4
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/intel-ipsec-mb?expand=0&rev=18
