Commits · main · Arm Reference Solutions / IPSec MB

Aug 01, 2025
- Merge branch 'warning_fixes' into 'main' · e435ecd3
  Paul Elliott authored Aug 01, 2025
```
Lib: Fix build warnings/errors which were introduced in previous rebase work.

See merge request !35
```
  e435ecd3
- lib: comment unused AES-CMAC part in burst API for AArch64 · 2d66b8a4
  Islam Ragimov authored Jul 16, 2025
```
Signed-off-by: Islam Ragimov <islam.ragimov@arm.com>
```
  2d66b8a4
- lib: [cmake] remove NASM version check for AArch64 · 5aeba108
  Islam Ragimov authored Jul 18, 2025
```
Signed-off-by: Islam Ragimov <islam.ragimov@arm.com>
```
  5aeba108
Jul 04, 2025
- Merge branch 'rebase_04_07_2025' into 'main' · 0a7072b5
  Paul Elliott authored Jul 04, 2025
```
Rebase MR CY25Q3 1

See merge request !34

No notable differences from the base repository.
```
  SECLIB-IPSEC-2025.07.04
  
  0a7072b5
- avx512: [aes-cfb] enable 16 buffer encryption with VAES ISA extension · af99b867
  Kamila Lipinska authored Sep 04, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  af99b867
- update apps for new install directory structure on windows · 3822dde5
  Marcel Cornu authored Aug 29, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  3822dde5
- lib: update lib install directory structure on windows · 2fb7ef6c
  Marcel Cornu authored Aug 29, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  2fb7ef6c
- lib: [cmake] update lib install directory structure on windows · 6bc8daca
  Marcel Cornu authored Aug 29, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  6bc8daca
- lib: [avx/avx2/avx512] detect and check OSXSAVE CPUID flag · 4c9cdc07
  Tomasz Kantecki authored Aug 26, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  4c9cdc07
- avx2: [aes-gcm] improve performance for larger buffers · a168c841
  Tomasz Kantecki authored Jul 29, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
- re-arranged GHASH key table layout
- added label alignment and move 1st data block load to after counter blocks creation
- code size reduction
  - added GHASH last 7 and last 8 functions
  - initial blocks implemented as a function that works across different key sizes
- improvements in GHASH_8_ENCRYPT_8_PARALLEL:
  - do not explicitly load hash keys into register, use memory operand with pclmulqdq
  - pipeline loads of data for GHASH, all key loads are aligned
  - re-worked last encryption round, load, xor and store of plain/cipher text
  - made use of extra T4:T7 registers to load plain/cipher text
```
  a168c841
- lib: [SHA512] minor optimizations in AVX2 SHA512 NI multi-buffer scheduler · 7db3870b
  Marcel Cornu authored Aug 23, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  7db3870b
- doc: update README and release notes for SHA512/384 x2 · 42369dd5
  Marcel Cornu authored Aug 22, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  42369dd5
- lib: [SHA512] minor optimization in AVX2 SHA512 NI multi-buffer · d094a156
  Marcel Cornu authored Aug 22, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  d094a156
- cmake: add library only build option · de5410f6
  Marcel Cornu authored Aug 26, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  de5410f6
- avx512: [aes-cfb] enable 16 block decryption with VAES ISA extension · def0a742
  Kamila Lipinska authored Aug 22, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  def0a742
- doc: update README and release notes · f2df7478
  Pablo de Lara authored Aug 19, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  f2df7478
- avx2_t4: [SM4] add SM4-CBC decryption implementation with SM4-NI · 09ed94f6
  Pablo de Lara authored Aug 19, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
```
  09ed94f6
- avx2_t4: [SM4] add SM4-CBC encryption implementation with SM4-NI · 227a8eb6
  Pablo de Lara authored Aug 18, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
```
  227a8eb6
- perf: [imb-perf] print timebox and measurement mode details · 063b8ee8
  Marcel Cornu authored Aug 15, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  063b8ee8
- perf: [imb-perf] add missing AEAD burst to API list · 004ca91b
  Marcel Cornu authored Aug 07, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  004ca91b
- perf: [imb-perf] add option to report total bytes processed · b08c80b8
  Marcel Cornu authored Aug 07, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  b08c80b8
- perf: [imb-perf] add option to set timebox timeout · 5bbfc334
  Marcel Cornu authored Aug 06, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  5bbfc334
- lib: Add endbranch64 to SSE CFB start · 2a50f900
  Lipinska, Kamila authored Aug 14, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  2a50f900
- perf: Include AES-CFB in perf tests · c52544f6
  Lipinska, Kamila authored Aug 07, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  c52544f6
- test: Unify number of jobs tested in KAT tests · 64e3e1c1
  Lipinska, Kamila authored Aug 08, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  64e3e1c1
- test: Add AES-CFB to xvalid-app tests · 171cc66f
  Lipinska, Kamila authored Jul 24, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  171cc66f
- lib: Enable AES-CFB in cipher-burst API · 93940b35
  Lipinska, Kamila authored Jul 23, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  93940b35
- test: Add tests for AES-CFB · 75ee8d31
  Lipinska, Kamila authored Jul 23, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  75ee8d31
- lib: Enable AES-CFB in JOB API · c46664ae
  Lipinska, Kamila authored Jul 23, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  c46664ae
- lib: Add AES CFB enc/dec SSE implementation for single buffer · ff0d95d9
  Lipinska, Kamila authored Jul 16, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
  
  ff0d95d9
- lib: add AES-CMAC support to imb_hash_burst_get_size() · 750be5ff
  Marcel Cornu authored Aug 08, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  750be5ff
- test: [AES-CMAC] remove unnecessary direction tests · 90481096
  Marcel Cornu authored Aug 02, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  90481096
- test: [AES-CMAC] extend test to exercise hash burst API · db51fe1b
  Marcel Cornu authored Aug 02, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  db51fe1b
- lib: add AES-CMAC support to hash burst API · 9b14f4d9
  Marcel Cornu authored Aug 02, 2024 and Osiroyame Mayungbo committed Jul 04, 2025
```
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
```
  9b14f4d9
Jun 27, 2025

Merge branch 'hmac-sha' into 'main' · 4b9d39b7

Paul Elliott authored Jun 27, 2025

lib: [aarch64] sha security improvement: safe_memcpy and stack cleanup

See merge request !33

* add secure zeroing of stack in safe data mode for multi-buffer sha1
* add safe_memcpy for aarch64 platforms.

4b9d39b7

lib: [aarch64] add safe_memcpy for aarch64 platforms · 2738dbe2

Islam Ragimov authored Apr 01, 2025



- replace memcpy() with safe_memcpy() in imb_hmac_ipad_opad()

Signed-off-by: Islam Ragimov <islam.ragimov@arm.com>

2738dbe2

lib: [sha1] secure zeroing of stack in safe data mode · 1840b7c3

Islam Ragimov authored Jun 23, 2025



- issue was found in multi-buffer sha1 impl for aarch64 neon.
- issue: Part of plain/ciphertext is presented on the stack.
- fix: Addition of clearing sensitive data from the stack.

Signed-off-by: Islam Ragimov <islam.ragimov@arm.com>

1840b7c3

Jun 20, 2025

Merge branch 'hmac-sha' into 'main' · 5c81907e

Paul Elliott authored Jun 20, 2025

lib: [hmac-sha] add (hmac-)sha1 implementation for aarch64 platform

See merge request !32

5c81907e

Jun 18, 2025

lib: [hmac-sha1] add hmac-sha1 implementation for aarch64 platform · 517b3cfc

Fisher Yu authored Nov 08, 2024 and

Islam Ragimov committed Jun 18, 2025



- add single-buffer SHA1 implementation
- add direct API for SHA1
- support direct/job/burst API for HMAC-SHA1
- uncomment corresponding kat/xvalid-app tests

Signed-off-by: Islam Ragimov <islam.ragimov@arm.com>

517b3cfc

lib: [sha1] add sha1 implementation for aarch64 platform · 10956bef

Fisher Yu authored Jan 08, 2025 and

Islam Ragimov committed Jun 18, 2025



- add 4-buffer SHA1 implementation
- support job/burst API for SHA1
- uncomment corresponding kat/xvalid-app tests

Signed-off-by: Islam Ragimov <islam.ragimov@arm.com>

10956bef