Changes with version 0.13 12 Dec 2018 * Feature: relicense under the dual BSD/GPL-2.0+ license. * Feature: use unaligned SSE2 instructions for loading data. * Bugfix: improve the distribution detection in the RPM spec. * Bugfix: avoid the 'stringop-truncation' warning. * Bugfix: simplified version of add512() Changes with version 0.12 20 Apr 2018 * Feature: Dockerfile added * Feature: RPM specification added Changes with version 0.11 22 Feb 2013 * Feature: command line options "-e" introduced (switch endianness). The standard does not specifies explicitly how to output the resulting hash. This implementation outputs hash in hexadecimal format in order how bytes are represented in memory - least significant first. With this option set, program outputs digest in hexadecimal format in reversed order - most significant first. * Feature: example messages from standard are added in "examples" directory. * Feature: set SUPERCOP environment when configuring to prepare this implementation to run on SUPERCOP toolkit. * Bugfix: variables, structures, functions changed their names from *GOST3411* to fully-qualified *GOST34112012* * Bugfix: API: GOST34112012Init() now operates on allocated memory. Previously, memory allocation for context has been done with GOST34112012Init() call - this guarantee proper alignment for context's members. As for now, alignment is done with ALIGN keyword in object declaration and GOST34112012Init() does not allocate any byte of memory. * Bugfix: API: GOST34112012Final() now returns digest in memory pointed by second argument. Context member "hexdigest" not used anymore thus abandoned. It is up to calling application to present digest in hexadecimal (or any) format. Changes with version 0.10 29 Jan 2013 * Feature: performance optimization in substitution S: perform substitution by Pi[] while generating multiplication lookup table. Lookup table arranged in a such way totally eliminates the need to do whole S-cycle in LPS. * Feature: use SSE4.1 instructions set in LPS if available. * Feature: multiplication lookup table is now statically precomputed in header file and is in constant memory. * Bugfix: rewrite GOST3411Update() function to implement streaming mode when processing large amount of data. * Bugfix: rename round2() and round3() to stage2() and stage3() respectively. * Bugfix: in auto configuration probes: delete temporary files. Changes with version 0.09 22 Jan 2013 * Feature: internal data flow and representation rewritten so that whole internal state of compression function g() is hold in two XMM-register quadruples. This avoid copying of temporary key and internal state between rounds in g(), thus reduce instructions count per plaintext block. * Feature: with code optimization above, performance on 32-bit systems greatly improved and is now about as fast as with 64-bit systems. * Feature: detect MMX and SSE2 capabilities on compile time and use faster code when possible. From this version onward there are at least two versions of implementation: portable (not using any extensions like MMX or SSE) and optimized one. * Feature: big-endian systems compatibility. * Bugfix: in function g(): unload function's output directly to it's internal state, thus avoid one extra memcpy() call per plaintext block. * Bugfix: integer overflow incorrectly handled in addition by modulo 2. This could lead to incorrect results on some files. Changes with version 0.08 19 Jan 2013 * Feature: boost performance on 32-bit systems by using 64-bit MMX XOR instructions in XLPS. * Feature: Use 128-bit SSE2 for X on both 32-bit and 64-bit systems. For latter this will decrease number of instructions in about two times when XORing 512-bit block. Changes with version 0.07 17 Jan 2013 * Feature: boost performance on 32-bit systems by using SSE2. * Bugfix: padding function rewritten to less complex. * Bugfix: key generation function K replaced with XLPS macros to avoid inlining issues when max inline instruction limit reached. * Bugfix: encryption function E inlined to compression g to avoid compile-time inlining issues when max inline instruction limit reached. * Bugfix: use unsigned integers where possible. * Bugfix: fix typo in update() when comparing bufsize. * Bugfix: memory allocator rewritten to use posix_memalign(). Changes with version 0.06 09 Jan 2013 * Feature: performance optimization in LPS: hint compiler to use eight registers instead of union buffer. * Feature: performance optimization in permutation P: rotate matrix by cyclic right shifting bits in source matrix columns to rows in destination matrix. * Feature: as result of previous two optimizations: replace LPS macros with improved macros XLPS. * Bugfix: improve constant table C presentation to avoid runtime conversion in key generator K. * Bugfix: unroll key generation loop in E. * Bugfix: rename union member names according to their natural meaning. Changes with version 0.05 24 Dec 2012 * Feature: issue all the warnings demanded by strict ISO C. * Feature: performance optimization in LPS: execute substitution and permutation within single loop. Changes with version 0.04 17 Dec 2012 * Bugfix: fixed memory leaks (make valgrind happy). * Bugfix: update code to work on 32-bit systems. * Bugfix: code improvement in Key generator K. * Feature: performance optimization in linear transformation L (based on Assembler instructions generated by CLang). Changes with version 0.03 16 Dec 2012 * Bugfix: algorithm optimization in linear transformation L. Changes with version 0.02 15 Dec 2012 * Feature: Makefile improvements. * Bugfix: recent GCC version compatibility (GCC 4.7). * Bugfix: layout modification: isolate core from main program. * Bugfix: handle read errors with ferror(). Initial version 0.01 14 Dec 2012 GOST R 34.11-2012 hash function with 512/256 bits digest.