From a2be57f0502bae7869956c83d1ba620bfab051b3 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Niels=20M=C3=B6ller?= Date: Sun, 22 May 2022 16:18:42 +0200 Subject: [PATCH] NEWS entries for Nettle-3.8. --- NEWS | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/NEWS b/NEWS index 4a55da8f..907e6b85 100644 --- a/NEWS +++ b/NEWS 
@@ -1,3 +1,75 @@ +NEWS for the Nettle 3.8 release + + This release includes a couple of new features, and many + performance improvements. It adds assembly code for two more + architectures: ARM64 and S390x. + + The new version is intended to be fully source and binary + compatible with Nettle-3.6. The shared library names are + libnettle.so.8.5 and libhogweed.so.6.5, with sonames + libnettle.so.8 and libhogweed.so.6. + + New features: + + * AES keywrap (RFC 3394), contributed by Nicolas Mora. + + * SM3 hash function, contributed by Tianjia Zhang. + + * New functions cbc_aes128_encrypt, cbc_aes192_encrypt, + cbc_aes256_encrypt. + + On processors where AES is fast enough, e.g., x86_64 with + aesni instructions, the overhead of using Nettle's general + cbc_encrypt can be significant. The new functions can be + implemented in assembly, to do multiple blocks with reduced + per-block overhead. + + Note that there's no corresponding new decrypt functions, + since the general cbc_decrypt doesn't suffer from the same + performance problem. + + Bug fixes: + + * Fix fat builds for x86_64 windows, these appear to never + have worked. + + Optimizations: + + * New ARM64 implementation of AES, GCM, Chacha, SHA1 and + SHA256, for processors supporting crypto extensions. Great + speedups, and fat builds are supported. Contributed by + Mamone Tarsha. + + * New s390x implementation of AES, GCM, Chacha, memxor, SHA1, + SHA256, SHA512 and SHA3. Great speedups, and fat builds are + supported. Contributed by Mamone Tarsha. + + * New PPC64 assembly for ecc modulo/redc operations, + contributed by Amitay Isaacs, Martin Schwenke and Alastair + D´Silva. + + * The x86_64 AES implementation using aesni instructions has + been reorganized with one separate function per key size, + each interleaving the processing of two blocks at a time + (when the caller processes multiple blocks with each call). + This gives a modest performance improvement on some + processors. 
+ + * Rewritten and faster x86_64 poly1305 assembly. + + Miscellaneous: + + * Updated manual to current makeinfo conventions, with no + explicit node pointers. Generate pdf version with texi2pdf, + to get working hyper links. + + * Added square root functions for NIST ecc curves, as a + preparation for supporting compact point representation. + + * Reworked internal GCM/ghash interfaces, simplifying assembly + implementations. Deleted unused GCM C implementation + variants with less than 8-bit lookup table. + NEWS for the Nettle 3.7.3 release This is bugfix release, fixing bugs that could make the RSA -- 2.47.2
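Review bot: The "New features" entries for AES keywrap (RFC 3394) and SM3 name no functions or header files, while the entry right after them spells out cbc_aes128_encrypt, cbc_aes192_encrypt and cbc_aes256_encrypt; naming the new entry points in those two items would let readers find them without searching the manual. In the opening paragraph, the compatibility statement refers to Nettle-3.6 although the entry directly below this one in the file is for 3.7.3, so it is worth confirming that 3.6 is the intended baseline, or saying "Nettle-3.6 and later". Smaller wording points: "there's no corresponding new decrypt functions" should read "there are no corresponding new decrypt functions", the "Fix fat builds for x86_64 windows, these appear to never have worked" item is a comma splice, "hyper links" is normally one word, and "D´Silva" in the PPC64 item uses an acute accent character where an apostrophe is presumably meant.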