From 23d359239dd8bc16eb48184fe497238a100c4050 Mon Sep 17 00:00:00 2001
From: Ben Marshall <ben.marshall@bristol.ac.uk>
Date: Tue, 22 Sep 2020 13:52:18 +0100
Subject: [PATCH] Implement instruction re-naming.

- Closes #48 - Instruction Renaming
- Closes #46 - Shorter names, and consistency for instructions with immediate operands
- Closes #45 - Vector instruction names and dot-extensions
- Closes #42 - Use of "dots" in assembly instruction names
- Closes #41 - Change scalar instruction names to remove 's' prefix.

This is a squash commit. It contains all of the commits made on
the `dev/instruction-renaming` branch.

---

commit 93be8b084e44fe2918264f967eb339a7526c15c9
Author: Ben Marshall <ben.marshall@bristol.ac.uk>
Date:   Tue Sep 22 13:49:29 2020 +0100

    sail: pollentropy -> pollentropyi

commit 519a04f8f073867b48462b4902ad89b60cc2919a
Author: Ben Marshall <ben.marshall@bristol.ac.uk>
Date:   Tue Sep 22 13:45:56 2020 +0100

    spec, sail: Instruction renaming.

    - Implement all renaming for SAIL and LaTeX source file.

     On branch dev/instruction-renaming
     Changes to be committed:
    	modified:   doc/opcodes-crypto-scalar.tex
    	modified:   doc/opcodes-crypto-vector.tex
    	modified:   doc/tex/sec-scalar-aes.tex
    	modified:   doc/tex/sec-scalar-sha2.tex
    	modified:   doc/tex/sec-scalar-sm3.tex
    	modified:   doc/tex/sec-scalar-sm4.tex
    	modified:   doc/tex/sec-scalar.tex
    	modified:   doc/tex/sec-vector-aes.tex
    	modified:   doc/tex/sec-vector-grev.tex
    	modified:   doc/tex/sec-vector-rotate.tex
    	modified:   doc/tex/sec-vector-sha2.tex
    	modified:   sail/riscv_insts_crypto.sail
    	modified:   sail/riscv_insts_crypto_rv32.sail
    	modified:   sail/riscv_insts_crypto_rv64.sail
    	modified:   sail/riscv_types_crypto.sail
    	modified:   tools/opcodes-crypto-vector

     Changes not staged for commit:
    	modified:   extern/riscv-gnu-toolchain (modified content)
    	modified:   extern/riscv-isa-sim (modified content)

commit 5fa3fb1f30e675e954c3c577daae8fb5fa7fb44f
Author: Ben Marshall <ben.marshall@bristol.ac.uk>
Date:   Sun Sep 20 18:55:22 2020 +0100

    Working on #48 - Instruction Renaming.

    - Renamed all scalar instructions in:
      - Benchmarks
      - Spike
      - Binutils
      - Opcode descriptions.
    - Still do do:
      - Specs: Vector and Scalar
      - SAIL code.
      - Example RTL.

     On branch dev/instruction-renaming
     Changes to be committed:
    	modified:   benchmarks/aes/zscrypto_rv32/aes_128_ks.S
    	modified:   benchmarks/aes/zscrypto_rv32/aes_192_ks.S
    	modified:   benchmarks/aes/zscrypto_rv32/aes_256_ks.S
    	modified:   benchmarks/aes/zscrypto_rv32/aes_dec.S
    	modified:   benchmarks/aes/zscrypto_rv32/aes_enc.S
    	modified:   benchmarks/aes/zscrypto_rv64/aes_128_ks.S
    	modified:   benchmarks/aes/zscrypto_rv64/aes_192_ks.S
    	modified:   benchmarks/aes/zscrypto_rv64/aes_256_ks.S
    	modified:   benchmarks/aes/zscrypto_rv64/aes_dec.S
    	modified:   benchmarks/aes/zscrypto_rv64/aes_enc.S
    	modified:   benchmarks/aes/zscrypto_rv64/aes_ks_dec_invmc.S
    	modified:   benchmarks/sha256/zscrypto/sha256.c
    	modified:   benchmarks/sha512/zscrypto_rv64/sha512.c
    	modified:   benchmarks/share/riscv-crypto-intrinsics.h
    	modified:   benchmarks/sm4/zscrypto/sm4_zscrypto.c
    	modified:   tools/opcodes-crypto-scalar
    	modified:   tools/opcodes-crypto-vector
    	modified:   tools/patch-binutils.patch
    	modified:   tools/patch-spike.patch

     Changes not staged for commit:
    	modified:   extern/riscv-gnu-toolchain (modified content, untracked content)
    	modified:   extern/riscv-isa-sim (modified content)

 On branch dev/next-release
 Your branch is up-to-date with 'origin/dev/next-release'.

 Changes to be committed:
	modified:   benchmarks/aes/zscrypto_rv32/aes_128_ks.S
	modified:   benchmarks/aes/zscrypto_rv32/aes_192_ks.S
	modified:   benchmarks/aes/zscrypto_rv32/aes_256_ks.S
	modified:   benchmarks/aes/zscrypto_rv32/aes_dec.S
	modified:   benchmarks/aes/zscrypto_rv32/aes_enc.S
	modified:   benchmarks/aes/zscrypto_rv64/aes_128_ks.S
	modified:   benchmarks/aes/zscrypto_rv64/aes_192_ks.S
	modified:   benchmarks/aes/zscrypto_rv64/aes_256_ks.S
	modified:   benchmarks/aes/zscrypto_rv64/aes_dec.S
	modified:   benchmarks/aes/zscrypto_rv64/aes_enc.S
	modified:   benchmarks/aes/zscrypto_rv64/aes_ks_dec_invmc.S
	modified:   benchmarks/sha256/zscrypto/sha256.c
	modified:   benchmarks/sha512/zscrypto_rv64/sha512.c
	modified:   benchmarks/share/riscv-crypto-intrinsics.h
	modified:   benchmarks/sm4/zscrypto/sm4_zscrypto.c
	modified:   doc/opcodes-crypto-scalar.tex
	modified:   doc/opcodes-crypto-vector.tex
	modified:   doc/tex/sec-scalar-aes.tex
	modified:   doc/tex/sec-scalar-sha2.tex
	modified:   doc/tex/sec-scalar-sm3.tex
	modified:   doc/tex/sec-scalar-sm4.tex
	modified:   doc/tex/sec-scalar.tex
	modified:   doc/tex/sec-vector-aes.tex
	modified:   doc/tex/sec-vector-grev.tex
	modified:   doc/tex/sec-vector-rotate.tex
	modified:   doc/tex/sec-vector-sha2.tex
	modified:   sail/riscv_insts_crypto.sail
	modified:   sail/riscv_insts_crypto_rv32.sail
	modified:   sail/riscv_insts_crypto_rv64.sail
	modified:   sail/riscv_types_crypto.sail
	modified:   tools/opcodes-crypto-scalar
	modified:   tools/opcodes-crypto-vector
	modified:   tools/patch-binutils.patch
	modified:   tools/patch-spike.patch

 Changes not staged for commit:
	modified:   extern/riscv-gnu-toolchain (modified content)
	modified:   extern/riscv-isa-sim (modified content)
---
 benchmarks/aes/zscrypto_rv32/aes_128_ks.S     |  24 +-
 benchmarks/aes/zscrypto_rv32/aes_192_ks.S     |  24 +-
 benchmarks/aes/zscrypto_rv32/aes_256_ks.S     |  32 +-
 benchmarks/aes/zscrypto_rv32/aes_dec.S        | 114 ++---
 benchmarks/aes/zscrypto_rv32/aes_enc.S        |  96 ++--
 benchmarks/aes/zscrypto_rv64/aes_128_ks.S     |   6 +-
 benchmarks/aes/zscrypto_rv64/aes_192_ks.S     |  14 +-
 benchmarks/aes/zscrypto_rv64/aes_256_ks.S     |  18 +-
 benchmarks/aes/zscrypto_rv64/aes_dec.S        |  48 +-
 benchmarks/aes/zscrypto_rv64/aes_enc.S        |  56 +--
 .../aes/zscrypto_rv64/aes_ks_dec_invmc.S      |   4 +-
 benchmarks/sha256/zscrypto/sha256.c           |   8 +-
 benchmarks/sha512/zscrypto_rv64/sha512.c      |   8 +-
 benchmarks/share/riscv-crypto-intrinsics.h    |  62 ++-
 benchmarks/sm4/zscrypto/sm4_zscrypto.c        |  16 +-
 doc/opcodes-crypto-scalar.tex                 |  60 +--
 doc/opcodes-crypto-vector.tex                 |  24 +-
 doc/tex/sec-scalar-aes.tex                    |  46 +-
 doc/tex/sec-scalar-sha2.tex                   |  38 +-
 doc/tex/sec-scalar-sm3.tex                    |   4 +-
 doc/tex/sec-scalar-sm4.tex                    |   8 +-
 doc/tex/sec-scalar.tex                        |   1 +
 doc/tex/sec-vector-aes.tex                    |  34 +-
 doc/tex/sec-vector-grev.tex                   |   5 +-
 doc/tex/sec-vector-rotate.tex                 |   5 +-
 doc/tex/sec-vector-sha2.tex                   |  20 +-
 sail/riscv_insts_crypto.sail                  | 130 +++---
 sail/riscv_insts_crypto_rv32.sail             | 126 ++---
 sail/riscv_insts_crypto_rv64.sail             | 134 +++---
 sail/riscv_types_crypto.sail                  |  32 +-
 tools/opcodes-crypto-scalar                   |  60 +--
 tools/opcodes-crypto-vector                   |  24 +-
 tools/patch-binutils.patch                    | 275 +++++++----
 tools/patch-spike.patch                       | 440 +++++++++---------
 34 files changed, 1041 insertions(+), 955 deletions(-)

diff --git a/benchmarks/aes/zscrypto_rv32/aes_128_ks.S b/benchmarks/aes/zscrypto_rv32/aes_128_ks.S
index 140099e0..dcc360e9 100644
--- a/benchmarks/aes/zscrypto_rv32/aes_128_ks.S
+++ b/benchmarks/aes/zscrypto_rv32/aes_128_ks.S
@@ -57,10 +57,10 @@ aes_128_enc_key_schedule:       // a0 - uint32_t rk [AES_128_RK_WORDS]
     xor     C0, C0, RCT         // c0 ^= rcp
 
     ROR32I T1, T2, C3, 8        // tr = ROR32(c3, 8)
-    saes32.encs C0, C0, T1, 0   // tr = sbox(tr)
-    saes32.encs C0, C0, T1, 1   //
-    saes32.encs C0, C0, T1, 2   //
-    saes32.encs C0, C0, T1, 3   //
+    aes32esi C0, C0, T1, 0   // tr = sbox(tr)
+    aes32esi C0, C0, T1, 1   //
+    aes32esi C0, C0, T1, 2   //
+    aes32esi C0, C0, T1, 3   //
 
     xor     C1, C1, C0          // C1 ^= C0
     xor     C2, C2, C1          // C1 ^= C0
@@ -110,15 +110,15 @@ aes_128_dec_key_schedule:           // a0 - uint32_t rk [AES_128_RK_WORDS]
         
         lw   T0, 0(RKP)              // Load key word
 
-        saes32.encs  T1, zero, T0, 0 // Sub Word Forward
-        saes32.encs  T1, T1  , T0, 1 
-        saes32.encs  T1, T1  , T0, 2
-        saes32.encs  T1, T1  , T0, 3
+        aes32esi  T1, zero, T0, 0 // Sub Word Forward
+        aes32esi  T1, T1  , T0, 1 
+        aes32esi  T1, T1  , T0, 2
+        aes32esi  T1, T1  , T0, 3
 
-        saes32.decsm T0, zero, T1, 0 // Sub Word Inverse & Inverse MixColumns
-        saes32.decsm T0, T0  , T1, 1
-        saes32.decsm T0, T0  , T1, 2
-        saes32.decsm T0, T0  , T1, 3
+        aes32dsmi T0, zero, T1, 0 // Sub Word Inverse & Inverse MixColumns
+        aes32dsmi T0, T0  , T1, 1
+        aes32dsmi T0, T0  , T1, 2
+        aes32dsmi T0, T0  , T1, 3
 
         sw   T0, 0(RKP)             // Store key word.
 
diff --git a/benchmarks/aes/zscrypto_rv32/aes_192_ks.S b/benchmarks/aes/zscrypto_rv32/aes_192_ks.S
index 3a56d197..ed3731d4 100644
--- a/benchmarks/aes/zscrypto_rv32/aes_192_ks.S
+++ b/benchmarks/aes/zscrypto_rv32/aes_192_ks.S
@@ -67,10 +67,10 @@ aes_192_enc_key_schedule:       // a0 - uint32_t rk [AES_192_RK_WORDS]
     xor     C0, C0, RCT         // c0 ^= rcp
 
     ROR32I T1, T2, C5, 8        // tr = ROR32(c3, 8)
-    saes32.encs C0, C0, T1, 0   // tr = sbox(tr)
-    saes32.encs C0, C0, T1, 1   //
-    saes32.encs C0, C0, T1, 2   //
-    saes32.encs C0, C0, T1, 3   //
+    aes32esi C0, C0, T1, 0   // tr = sbox(tr)
+    aes32esi C0, C0, T1, 1   //
+    aes32esi C0, C0, T1, 2   //
+    aes32esi C0, C0, T1, 3   //
 
     xor     C1, C1, C0          // C1 ^= C0
     xor     C2, C2, C1          // C2 ^= C1
@@ -122,15 +122,15 @@ aes_192_dec_key_schedule:           // a0 - uint32_t rk [AES_192_RK_WORDS]
         
         lw   T0, 0(RKP)              // Load key word
 
-        saes32.encs  T1, zero, T0, 0 // Sub Word Forward
-        saes32.encs  T1, T1  , T0, 1 
-        saes32.encs  T1, T1  , T0, 2
-        saes32.encs  T1, T1  , T0, 3
+        aes32esi  T1, zero, T0, 0 // Sub Word Forward
+        aes32esi  T1, T1  , T0, 1 
+        aes32esi  T1, T1  , T0, 2
+        aes32esi  T1, T1  , T0, 3
 
-        saes32.decsm T0, zero, T1, 0 // Sub Word Inverse & Inverse MixColumns
-        saes32.decsm T0, T0  , T1, 1
-        saes32.decsm T0, T0  , T1, 2
-        saes32.decsm T0, T0  , T1, 3
+        aes32dsmi T0, zero, T1, 0 // Sub Word Inverse & Inverse MixColumns
+        aes32dsmi T0, T0  , T1, 1
+        aes32dsmi T0, T0  , T1, 2
+        aes32dsmi T0, T0  , T1, 3
 
         sw   T0, 0(RKP)             // Store key word.
 
diff --git a/benchmarks/aes/zscrypto_rv32/aes_256_ks.S b/benchmarks/aes/zscrypto_rv32/aes_256_ks.S
index ba759fb2..463eb562 100644
--- a/benchmarks/aes/zscrypto_rv32/aes_256_ks.S
+++ b/benchmarks/aes/zscrypto_rv32/aes_256_ks.S
@@ -71,10 +71,10 @@ aes_256_enc_key_schedule:       // a0 - uint32_t rk [AES_256_RK_WORDS]
     xor     C0, C0, RCT         // c0 ^= rcp
                                 
     ROR32I T1, T2, C7, 8        // tr = ROR32(c3, 8)
-    saes32.encs C0, C0, T1, 0   // tr = sbox(tr)
-    saes32.encs C0, C0, T1, 1   //
-    saes32.encs C0, C0, T1, 2   //
-    saes32.encs C0, C0, T1, 3   //
+    aes32esi C0, C0, T1, 0   // tr = sbox(tr)
+    aes32esi C0, C0, T1, 1   //
+    aes32esi C0, C0, T1, 2   //
+    aes32esi C0, C0, T1, 3   //
     
     xor     C1, C1, C0          // C1 ^= C0
     xor     C2, C2, C1          // C2 ^= C1
@@ -87,10 +87,10 @@ aes_256_enc_key_schedule:       // a0 - uint32_t rk [AES_256_RK_WORDS]
     
     beq     RKE, RKP, .aes_256_enc_ks_finish
     
-    saes32.encs C4, C4, C3, 0   // tr = sbox(tr)
-    saes32.encs C4, C4, C3, 1   //
-    saes32.encs C4, C4, C3, 2   //
-    saes32.encs C4, C4, C3, 3   //
+    aes32esi C4, C4, C3, 0   // tr = sbox(tr)
+    aes32esi C4, C4, C3, 1   //
+    aes32esi C4, C4, C3, 2   //
+    aes32esi C4, C4, C3, 3   //
 
     xor     C5, C5, C4          // C5 ^= C4
     xor     C6, C6, C5          // C6 ^= C5
@@ -140,15 +140,15 @@ aes_256_dec_key_schedule:           // a0 - uint32_t rk [AES_256_RK_WORDS]
         
         lw   T0, 0(RKP)              // Load key word
 
-        saes32.encs  T1, zero, T0, 0 // Sub Word Forward
-        saes32.encs  T1, T1  , T0, 1 
-        saes32.encs  T1, T1  , T0, 2
-        saes32.encs  T1, T1  , T0, 3
+        aes32esi  T1, zero, T0, 0 // Sub Word Forward
+        aes32esi  T1, T1  , T0, 1 
+        aes32esi  T1, T1  , T0, 2
+        aes32esi  T1, T1  , T0, 3
 
-        saes32.decsm T0, zero, T1, 0 // Sub Word Inverse & Inverse MixColumns
-        saes32.decsm T0, T0  , T1, 1
-        saes32.decsm T0, T0  , T1, 2
-        saes32.decsm T0, T0  , T1, 3
+        aes32dsmi T0, zero, T1, 0 // Sub Word Inverse & Inverse MixColumns
+        aes32dsmi T0, T0  , T1, 1
+        aes32dsmi T0, T0  , T1, 2
+        aes32dsmi T0, T0  , T1, 3
 
         sw   T0, 0(RKP)             // Store key word.
 
diff --git a/benchmarks/aes/zscrypto_rv32/aes_dec.S b/benchmarks/aes/zscrypto_rv32/aes_dec.S
index 0373537e..e22c7904 100644
--- a/benchmarks/aes/zscrypto_rv32/aes_dec.S
+++ b/benchmarks/aes/zscrypto_rv32/aes_dec.S
@@ -61,25 +61,25 @@ aes_ecb_decrypt:                                // a2 - uint32_t  * rk,
         lw      U2, 24(KP)
         lw      U3, 28(KP)
 
-        saes32.decsm   U0, U0, T0, 0            // Even Round
-        saes32.decsm   U0, U0, T3, 1
-        saes32.decsm   U0, U0, T2, 2
-        saes32.decsm   U0, U0, T1, 3
-                                 
-        saes32.decsm   U1, U1, T1, 0
-        saes32.decsm   U1, U1, T0, 1
-        saes32.decsm   U1, U1, T3, 2
-        saes32.decsm   U1, U1, T2, 3
-                                 
-        saes32.decsm   U2, U2, T2, 0
-        saes32.decsm   U2, U2, T1, 1
-        saes32.decsm   U2, U2, T0, 2
-        saes32.decsm   U2, U2, T3, 3
-                                 
-        saes32.decsm   U3, U3, T3, 0
-        saes32.decsm   U3, U3, T2, 1
-        saes32.decsm   U3, U3, T1, 2
-        saes32.decsm   U3, U3, T0, 3            // U* contains new state
+        aes32dsmi  U0, U0, T0, 0            // Even Round
+        aes32dsmi  U0, U0, T3, 1
+        aes32dsmi  U0, U0, T2, 2
+        aes32dsmi  U0, U0, T1, 3
+
+        aes32dsmi  U1, U1, T1, 0
+        aes32dsmi  U1, U1, T0, 1
+        aes32dsmi  U1, U1, T3, 2
+        aes32dsmi  U1, U1, T2, 3
+
+        aes32dsmi  U2, U2, T2, 0
+        aes32dsmi  U2, U2, T1, 1
+        aes32dsmi  U2, U2, T0, 2
+        aes32dsmi  U2, U2, T3, 3
+
+        aes32dsmi  U3, U3, T3, 0
+        aes32dsmi  U3, U3, T2, 1
+        aes32dsmi  U3, U3, T1, 2
+        aes32dsmi  U3, U3, T0, 3            // U* contains new state
 
         lw      T0,  0(KP)                      // Load Round Key
         lw      T1,  4(KP)
@@ -89,49 +89,49 @@ aes_ecb_decrypt:                                // a2 - uint32_t  * rk,
         beq     RK, KP, .aes_dec_block_l_finish // Break from loop
         addi    KP, KP, -32                     // Step Key pointer
         
-        saes32.decsm   T0, T0, U0, 0            // Odd Round
-        saes32.decsm   T0, T0, U3, 1
-        saes32.decsm   T0, T0, U2, 2
-        saes32.decsm   T0, T0, U1, 3
-                                 
-        saes32.decsm   T1, T1, U1, 0
-        saes32.decsm   T1, T1, U0, 1
-        saes32.decsm   T1, T1, U3, 2
-        saes32.decsm   T1, T1, U2, 3
-                                 
-        saes32.decsm   T2, T2, U2, 0
-        saes32.decsm   T2, T2, U1, 1
-        saes32.decsm   T2, T2, U0, 2
-        saes32.decsm   T2, T2, U3, 3
-                                 
-        saes32.decsm   T3, T3, U3, 0
-        saes32.decsm   T3, T3, U2, 1
-        saes32.decsm   T3, T3, U1, 2
-        saes32.decsm   T3, T3, U0, 3            // T* contains new state
+        aes32dsmi  T0, T0, U0, 0            // Odd Round
+        aes32dsmi  T0, T0, U3, 1
+        aes32dsmi  T0, T0, U2, 2
+        aes32dsmi  T0, T0, U1, 3
+
+        aes32dsmi  T1, T1, U1, 0
+        aes32dsmi  T1, T1, U0, 1
+        aes32dsmi  T1, T1, U3, 2
+        aes32dsmi  T1, T1, U2, 3
+
+        aes32dsmi  T2, T2, U2, 0
+        aes32dsmi  T2, T2, U1, 1
+        aes32dsmi  T2, T2, U0, 2
+        aes32dsmi  T2, T2, U3, 3
+
+        aes32dsmi  T3, T3, U3, 0
+        aes32dsmi  T3, T3, U2, 1
+        aes32dsmi  T3, T3, U1, 2
+        aes32dsmi  T3, T3, U0, 3            // T* contains new state
 
     j .aes_dec_block_l0                         // repeat loop
 
 .aes_dec_block_l_finish:
     
-    saes32.decs    T0, T0, U0, 0                // Final round, no MixColumns
-    saes32.decs    T0, T0, U3, 1
-    saes32.decs    T0, T0, U2, 2
-    saes32.decs    T0, T0, U1, 3
-                             
-    saes32.decs    T1, T1, U1, 0
-    saes32.decs    T1, T1, U0, 1
-    saes32.decs    T1, T1, U3, 2
-    saes32.decs    T1, T1, U2, 3
-                             
-    saes32.decs    T2, T2, U2, 0
-    saes32.decs    T2, T2, U1, 1
-    saes32.decs    T2, T2, U0, 2
-    saes32.decs    T2, T2, U3, 3
-                             
-    saes32.decs    T3, T3, U3, 0
-    saes32.decs    T3, T3, U2, 1
-    saes32.decs    T3, T3, U1, 2
-    saes32.decs    T3, T3, U0, 3               // T* contains new state
+    aes32dsi    T0, T0, U0, 0                // Final round, no MixColumns
+    aes32dsi    T0, T0, U3, 1
+    aes32dsi    T0, T0, U2, 2
+    aes32dsi    T0, T0, U1, 3
+
+    aes32dsi    T1, T1, U1, 0
+    aes32dsi    T1, T1, U0, 1
+    aes32dsi    T1, T1, U3, 2
+    aes32dsi    T1, T1, U2, 3
+
+    aes32dsi    T2, T2, U2, 0
+    aes32dsi    T2, T2, U1, 1
+    aes32dsi    T2, T2, U0, 2
+    aes32dsi    T2, T2, U3, 3
+
+    aes32dsi    T3, T3, U3, 0
+    aes32dsi    T3, T3, U2, 1
+    aes32dsi    T3, T3, U1, 2
+    aes32dsi    T3, T3, U0, 3               // T* contains new state
 
     AES_DUMP_STATE  T0, T1, T2, T3, PT
 
diff --git a/benchmarks/aes/zscrypto_rv32/aes_enc.S b/benchmarks/aes/zscrypto_rv32/aes_enc.S
index 380defc6..42971c67 100644
--- a/benchmarks/aes/zscrypto_rv32/aes_enc.S
+++ b/benchmarks/aes/zscrypto_rv32/aes_enc.S
@@ -61,25 +61,25 @@ aes_ecb_encrypt:                                // a2 - uint32_t  * rk,
         lw      U2, 24(RK)
         lw      U3, 28(RK)
 
-        saes32.encsm   U0, U0, T0, 0            // Even Round
-        saes32.encsm   U0, U0, T1, 1
-        saes32.encsm   U0, U0, T2, 2
-        saes32.encsm   U0, U0, T3, 3
+        aes32esmi   U0, U0, T0, 0            // Even Round
+        aes32esmi   U0, U0, T1, 1
+        aes32esmi   U0, U0, T2, 2
+        aes32esmi   U0, U0, T3, 3
                                  
-        saes32.encsm   U1, U1, T1, 0
-        saes32.encsm   U1, U1, T2, 1
-        saes32.encsm   U1, U1, T3, 2
-        saes32.encsm   U1, U1, T0, 3
+        aes32esmi   U1, U1, T1, 0
+        aes32esmi   U1, U1, T2, 1
+        aes32esmi   U1, U1, T3, 2
+        aes32esmi   U1, U1, T0, 3
                                  
-        saes32.encsm   U2, U2, T2, 0
-        saes32.encsm   U2, U2, T3, 1
-        saes32.encsm   U2, U2, T0, 2
-        saes32.encsm   U2, U2, T1, 3
+        aes32esmi   U2, U2, T2, 0
+        aes32esmi   U2, U2, T3, 1
+        aes32esmi   U2, U2, T0, 2
+        aes32esmi   U2, U2, T1, 3
                                  
-        saes32.encsm   U3, U3, T3, 0
-        saes32.encsm   U3, U3, T0, 1
-        saes32.encsm   U3, U3, T1, 2
-        saes32.encsm   U3, U3, T2, 3            // U* contains new state
+        aes32esmi   U3, U3, T3, 0
+        aes32esmi   U3, U3, T0, 1
+        aes32esmi   U3, U3, T1, 2
+        aes32esmi   U3, U3, T2, 3            // U* contains new state
 
         lw      T0, 32(RK)                      // Load Round Key
         lw      T1, 36(RK)
@@ -89,49 +89,49 @@ aes_ecb_encrypt:                                // a2 - uint32_t  * rk,
         addi    RK, RK, 32                      // Step Key pointer
         beq     RK, KP, .aes_enc_block_l_finish // Break from loop
         
-        saes32.encsm   T0, T0, U0, 0            // Odd Round
-        saes32.encsm   T0, T0, U1, 1
-        saes32.encsm   T0, T0, U2, 2
-        saes32.encsm   T0, T0, U3, 3
+        aes32esmi   T0, T0, U0, 0            // Odd Round
+        aes32esmi   T0, T0, U1, 1
+        aes32esmi   T0, T0, U2, 2
+        aes32esmi   T0, T0, U3, 3
                                  
-        saes32.encsm   T1, T1, U1, 0
-        saes32.encsm   T1, T1, U2, 1
-        saes32.encsm   T1, T1, U3, 2
-        saes32.encsm   T1, T1, U0, 3
+        aes32esmi   T1, T1, U1, 0
+        aes32esmi   T1, T1, U2, 1
+        aes32esmi   T1, T1, U3, 2
+        aes32esmi   T1, T1, U0, 3
                                  
-        saes32.encsm   T2, T2, U2, 0
-        saes32.encsm   T2, T2, U3, 1
-        saes32.encsm   T2, T2, U0, 2
-        saes32.encsm   T2, T2, U1, 3
+        aes32esmi   T2, T2, U2, 0
+        aes32esmi   T2, T2, U3, 1
+        aes32esmi   T2, T2, U0, 2
+        aes32esmi   T2, T2, U1, 3
                                  
-        saes32.encsm   T3, T3, U3, 0
-        saes32.encsm   T3, T3, U0, 1
-        saes32.encsm   T3, T3, U1, 2
-        saes32.encsm   T3, T3, U2, 3            // T* contains new state
+        aes32esmi   T3, T3, U3, 0
+        aes32esmi   T3, T3, U0, 1
+        aes32esmi   T3, T3, U1, 2
+        aes32esmi   T3, T3, U2, 3            // T* contains new state
 
     j .aes_enc_block_l0                         // repeat loop
 
 .aes_enc_block_l_finish:
     
-    saes32.encs    T0, T0, U0, 0                // Final round. No MixColumn.
-    saes32.encs    T0, T0, U1, 1
-    saes32.encs    T0, T0, U2, 2
-    saes32.encs    T0, T0, U3, 3
+    aes32esi    T0, T0, U0, 0                // Final round. No MixColumn.
+    aes32esi    T0, T0, U1, 1
+    aes32esi    T0, T0, U2, 2
+    aes32esi    T0, T0, U3, 3
                              
-    saes32.encs    T1, T1, U1, 0
-    saes32.encs    T1, T1, U2, 1
-    saes32.encs    T1, T1, U3, 2
-    saes32.encs    T1, T1, U0, 3
+    aes32esi    T1, T1, U1, 0
+    aes32esi    T1, T1, U2, 1
+    aes32esi    T1, T1, U3, 2
+    aes32esi    T1, T1, U0, 3
                              
-    saes32.encs    T2, T2, U2, 0
-    saes32.encs    T2, T2, U3, 1
-    saes32.encs    T2, T2, U0, 2
-    saes32.encs    T2, T2, U1, 3
+    aes32esi    T2, T2, U2, 0
+    aes32esi    T2, T2, U3, 1
+    aes32esi    T2, T2, U0, 2
+    aes32esi    T2, T2, U1, 3
                              
-    saes32.encs    T3, T3, U3, 0
-    saes32.encs    T3, T3, U0, 1
-    saes32.encs    T3, T3, U1, 2
-    saes32.encs    T3, T3, U2, 3               // T* contains new state
+    aes32esi    T3, T3, U3, 0
+    aes32esi    T3, T3, U0, 1
+    aes32esi    T3, T3, U1, 2
+    aes32esi    T3, T3, U2, 3               // T* contains new state
 
     AES_DUMP_STATE  T0, T1, T2, T3, CT
 
diff --git a/benchmarks/aes/zscrypto_rv64/aes_128_ks.S b/benchmarks/aes/zscrypto_rv64/aes_128_ks.S
index 214d2fbf..eb26d508 100644
--- a/benchmarks/aes/zscrypto_rv64/aes_128_ks.S
+++ b/benchmarks/aes/zscrypto_rv64/aes_128_ks.S
@@ -9,9 +9,9 @@
 //
 // Computes 1 round key per invocation.
 .macro AES_128_KEY_ROUND RK_LO, RK_HI, RK, TMP1, TMP2, OFFSET, RCON
-    saes64.ks1      \TMP1 , \RK_HI, \RCON
-    saes64.ks2      \RK_LO, \TMP1 , \RK_LO
-    saes64.ks2      \RK_HI, \RK_LO, \RK_HI
+    aes64ks1i     \TMP1 , \RK_HI, \RCON
+    aes64ks2      \RK_LO, \TMP1 , \RK_LO
+    aes64ks2      \RK_HI, \RK_LO, \RK_HI
     AES_DUMP_STATE  \RK_LO, \RK_HI, \RK   , \TMP1, \TMP2, \OFFSET
 .endm
 
diff --git a/benchmarks/aes/zscrypto_rv64/aes_192_ks.S b/benchmarks/aes/zscrypto_rv64/aes_192_ks.S
index 66f9a28d..8d712ffd 100644
--- a/benchmarks/aes/zscrypto_rv64/aes_192_ks.S
+++ b/benchmarks/aes/zscrypto_rv64/aes_192_ks.S
@@ -11,10 +11,10 @@
     sd          \RK0, ( 0+(24*\I))(\RKP)
     sd          \RK1, ( 8+(24*\I))(\RKP)
     sd          \RK2, (16+(24*\I))(\RKP)
-    saes64.ks1  \T0 , \RK2 , \I
-    saes64.ks2  \RK0, \T0  , \RK0
-    saes64.ks2  \RK1, \RK0 , \RK1
-    saes64.ks2  \RK2, \RK1 , \RK2
+    aes64ks1i \T0 , \RK2 , \I
+    aes64ks2  \RK0, \T0  , \RK0
+    aes64ks2  \RK1, \RK0 , \RK1
+    aes64ks2  \RK2, \RK1 , \RK2
 .endm
 
 .func   aes_192_enc_key_schedule
@@ -45,9 +45,9 @@ aes_192_enc_key_schedule:       // a0 - uint32_t rk [AES_192_RK_WORDS]
     sd  RK1, ( 8+(24*7))(RKP)
     sd  RK2, (16+(24*7))(RKP)
     
-    saes64.ks1  T0 , RK2 , 7
-    saes64.ks2  RK0, T0  , RK0
-    saes64.ks2  RK1, RK0 , RK1
+    aes64ks1i T0 , RK2 , 7
+    aes64ks2  RK0, T0  , RK0
+    aes64ks2  RK1, RK0 , RK1
     
     sd  RK0, ( 0+(24*8))(RKP)
     sd  RK1, ( 8+(24*8))(RKP)
diff --git a/benchmarks/aes/zscrypto_rv64/aes_256_ks.S b/benchmarks/aes/zscrypto_rv64/aes_256_ks.S
index 9f4b32d5..874fae44 100644
--- a/benchmarks/aes/zscrypto_rv64/aes_256_ks.S
+++ b/benchmarks/aes/zscrypto_rv64/aes_256_ks.S
@@ -12,12 +12,12 @@
     sd  \RK1, ( 8+(\I*32))(\RKP)
     sd  \RK2, (16+(\I*32))(\RKP)
     sd  \RK3, (24+(\I*32))(\RKP)
-    saes64.ks1  \T0 , \RK3 , \I
-    saes64.ks2  \RK0, \T0  , \RK0
-    saes64.ks2  \RK1, \RK0 , \RK1
-    saes64.ks1  \T0 , \RK1 , 0xA
-    saes64.ks2  \RK2, \T0  , \RK2
-    saes64.ks2  \RK3, \RK2 , \RK3
+    aes64ks1i \T0 , \RK3 , \I
+    aes64ks2  \RK0, \T0  , \RK0
+    aes64ks2  \RK1, \RK0 , \RK1
+    aes64ks1i \T0 , \RK1 , 0xA
+    aes64ks2  \RK2, \T0  , \RK2
+    aes64ks2  \RK3, \RK2 , \RK3
 .endm
 
 .func   aes_256_enc_key_schedule
@@ -50,9 +50,9 @@ aes_256_enc_key_schedule:       // a0 - uint32_t rk [AES_256_RK_WORDS]
     sd  RK2, (16+(6*32))(RKP)
     sd  RK3, (24+(6*32))(RKP)
     
-    saes64.ks1  T0 , RK3 , 6
-    saes64.ks2  RK0, T0  , RK0
-    saes64.ks2  RK1, RK0 , RK1
+    aes64ks1i T0 , RK3 , 6
+    aes64ks2  RK0, T0  , RK0
+    aes64ks2  RK1, RK0 , RK1
     
     sd  RK0, ( 0+(7*32))(RKP)
     sd  RK1, ( 8+(7*32))(RKP)
diff --git a/benchmarks/aes/zscrypto_rv64/aes_dec.S b/benchmarks/aes/zscrypto_rv64/aes_dec.S
index fa68477f..e23b58dd 100644
--- a/benchmarks/aes/zscrypto_rv64/aes_dec.S
+++ b/benchmarks/aes/zscrypto_rv64/aes_dec.S
@@ -17,33 +17,33 @@
 .text
 
 .macro DOUBLE_ROUND RK, K0, K1, K2, K3, S0, S1, N0, N1, OFFSET
-    ld           \K0, \OFFSET +16(\RK)      // Load two roundkeys in a
-    ld           \K1, \OFFSET +24(\RK)      // batch
-    ld           \K2, \OFFSET + 0(\RK)
-    ld           \K3, \OFFSET + 8(\RK)
-    saes64.decsm \N0, \S0, \S1              // InvShiftRows, InvSubBytes
-    saes64.decsm \N1, \S1, \S0              // InvMixColumns
-    xor          \S0, \N0, \K0              // Add Round Key
-    xor          \S1, \N1, \K1
-    saes64.decsm \N0, \S0, \S1              // InvShiftRows, InvSubBytes
-    saes64.decsm \N1, \S1, \S0              // InvMixColumns
-    xor          \S0, \N0, \K2              // AddRoundKey
-    xor          \S1, \N1, \K3
+    ld          \K0, \OFFSET +16(\RK)      // Load two roundkeys in a
+    ld          \K1, \OFFSET +24(\RK)      // batch
+    ld          \K2, \OFFSET + 0(\RK)
+    ld          \K3, \OFFSET + 8(\RK)
+    aes64dsm    \N0, \S0, \S1              // InvShiftRows, InvSubBytes
+    aes64dsm    \N1, \S1, \S0              // InvMixColumns
+    xor         \S0, \N0, \K0              // Add Round Key
+    xor         \S1, \N1, \K1
+    aes64dsm    \N0, \S0, \S1              // InvShiftRows, InvSubBytes
+    aes64dsm    \N1, \S1, \S0              // InvMixColumns
+    xor         \S0, \N0, \K2              // AddRoundKey
+    xor         \S1, \N1, \K3
 .endm
 
 .macro LAST_2ROUNDS RK, K0, K1, K2, K3, S0, S1, N0, N1, OFFSET
-    ld           \K0,\OFFSET +16(\RK)       // Load two round keys
-    ld           \K1,\OFFSET +24(\RK)
-    ld           \K2,\OFFSET + 0(\RK)
-    ld           \K3,\OFFSET + 8(\RK)
-    saes64.decsm \N0, \S0, \S1              // InvShiftRows, InvSubBytes
-    saes64.decsm \N1, \S1, \S0              // InvMixColumns
-    xor          \S0, \N0, \K0              // Add Round Key
-    xor          \S1, \N1, \K1
-    saes64.decs  \N0, \S0, \S1              // InvShiftRows, InvSubBytes
-    saes64.decs  \N1, \S1, \S0
-    xor          \S0, \N0, \K2              // Final AddRoundKey
-    xor          \S1, \N1, \K3
+    ld          \K0,\OFFSET +16(\RK)       // Load two round keys
+    ld          \K1,\OFFSET +24(\RK)
+    ld          \K2,\OFFSET + 0(\RK)
+    ld          \K3,\OFFSET + 8(\RK)
+    aes64dsm    \N0, \S0, \S1              // InvShiftRows, InvSubBytes
+    aes64dsm    \N1, \S1, \S0              // InvMixColumns
+    xor         \S0, \N0, \K0              // Add Round Key
+    xor         \S1, \N1, \K1
+    aes64ds     \N0, \S0, \S1              // InvShiftRows, InvSubBytes
+    aes64ds     \N1, \S1, \S0
+    xor         \S0, \N0, \K2              // Final AddRoundKey
+    xor         \S1, \N1, \K3
 .endm
 
 //
diff --git a/benchmarks/aes/zscrypto_rv64/aes_enc.S b/benchmarks/aes/zscrypto_rv64/aes_enc.S
index 158491e4..f590c9fb 100644
--- a/benchmarks/aes/zscrypto_rv64/aes_enc.S
+++ b/benchmarks/aes/zscrypto_rv64/aes_enc.S
@@ -17,37 +17,37 @@
 .text
 
 .macro DOUBLE_ROUND RK, K0, K1, K2, K3, S0, S1, N0, N1, OFFSET
-    ld            \K0, (\OFFSET + 0)(\RK)      // Load round keys in
-    ld            \K1, (\OFFSET + 8)(\RK)      // batches of 4 double words
-    ld            \K2, (\OFFSET +16)(\RK)
-    ld            \K3, (\OFFSET +24)(\RK)
-    xor           \S0, \S0, \K0                // AddRoundKey
-    xor           \S1, \S1, \K1
-    saes64.encsm  \N0, \S0, \S1                // Rest of round
-    saes64.encsm  \N1, \S1, \S0
-    xor           \N0, \N0, \K2                // AddRoundKey
-    xor           \N1, \N1, \K3
-    saes64.encsm  \S0, \N0, \N1                // Rest of round
-    saes64.encsm  \S1, \N1, \N0
+    ld          \K0, (\OFFSET + 0)(\RK)      // Load round keys in
+    ld          \K1, (\OFFSET + 8)(\RK)      // batches of 4 double words
+    ld          \K2, (\OFFSET +16)(\RK)
+    ld          \K3, (\OFFSET +24)(\RK)
+    xor         \S0, \S0, \K0                // AddRoundKey
+    xor         \S1, \S1, \K1
+    aes64esm    \N0, \S0, \S1                // Rest of round
+    aes64esm    \N1, \S1, \S0
+    xor         \N0, \N0, \K2                // AddRoundKey
+    xor         \N1, \N1, \K3
+    aes64esm   \S0, \N0, \N1                // Rest of round
+    aes64esm   \S1, \N1, \N0
 .endm
 
 .macro LAST_2ROUNDS RK, K0, K1, K2, K3, S0, S1, N0, N1, OFFSET
-    ld            \K0, (\OFFSET + 0)(\RK)      // Load two round keys
-    ld            \K1, (\OFFSET + 8)(\RK)
-    ld            \K2, (\OFFSET +16)(\RK)
-    ld            \K3, (\OFFSET +24)(\RK)
-    xor           \S0, \S0, \K0                // AddRoundKey
-    xor           \S1, \S1, \K1
-    ld            \K0, (\OFFSET +32)(\RK)      // Load final round key
-    ld            \K1, (\OFFSET +40)(\RK)
-    saes64.encsm  \N0, \S0, \S1                // Rest of round: Shift,
-    saes64.encsm  \N1, \S1, \S0                // Sub, Mix
-    xor           \N0, \N0, \K2                // AddRoundKey
-    xor           \N1, \N1, \K3
-    saes64.encs   \S0, \N0, \N1                // Final round: Shift, Sub
-    saes64.encs   \S1, \N1, \N0
-    xor           \S0, \S0, \K0                // Final AddRoundKey
-    xor           \S1, \S1, \K1
+    ld          \K0, (\OFFSET + 0)(\RK)      // Load two round keys
+    ld          \K1, (\OFFSET + 8)(\RK)
+    ld          \K2, (\OFFSET +16)(\RK)
+    ld          \K3, (\OFFSET +24)(\RK)
+    xor         \S0, \S0, \K0                // AddRoundKey
+    xor         \S1, \S1, \K1
+    ld          \K0, (\OFFSET +32)(\RK)      // Load final round key
+    ld          \K1, (\OFFSET +40)(\RK)
+    aes64esm    \N0, \S0, \S1                // Rest of round: Shift,
+    aes64esm    \N1, \S1, \S0                // Sub, Mix
+    xor         \N0, \N0, \K2                // AddRoundKey
+    xor         \N1, \N1, \K3
+    aes64es     \S0, \N0, \N1                // Final round: Shift, Sub
+    aes64es     \S1, \N1, \N0
+    xor         \S0, \S0, \K0                // Final AddRoundKey
+    xor         \S1, \S1, \K1
 .endm
 
 //
diff --git a/benchmarks/aes/zscrypto_rv64/aes_ks_dec_invmc.S b/benchmarks/aes/zscrypto_rv64/aes_ks_dec_invmc.S
index 264cfdeb..f0f94c45 100644
--- a/benchmarks/aes/zscrypto_rv64/aes_ks_dec_invmc.S
+++ b/benchmarks/aes/zscrypto_rv64/aes_ks_dec_invmc.S
@@ -10,8 +10,8 @@ aes_ks_dec_invmc:           // a0 - uint64_t * ks
         ld          a2, 0(a0)
         ld          a3, 8(a0)
         
-        saes64.imix a2, a2
-        saes64.imix a3, a3
+        aes64im a2, a2
+        aes64im a3, a3
 
         sd          a2, 0(a0)
         sd          a3, 8(a0)
diff --git a/benchmarks/sha256/zscrypto/sha256.c b/benchmarks/sha256/zscrypto/sha256.c
index 30a25861..9f4eab79 100644
--- a/benchmarks/sha256/zscrypto/sha256.c
+++ b/benchmarks/sha256/zscrypto/sha256.c
@@ -48,11 +48,11 @@ static inline void sha256_hash_init (
 #define CH(X,Y,Z)  ((X&Y)^(~X&Z))
 #define MAJ(X,Y,Z) ((X&Y)^(X&Z)^(Y&Z))
 
-#define SUM_0(X)   (_ssha256_sum0(X))
-#define SUM_1(X)   (_ssha256_sum1(X))
+#define SUM_0(X)   (_sha256sum0(X))
+#define SUM_1(X)   (_sha256sum1(X))
 
-#define SIGMA_0(X) (_ssha256_sig0(X))
-#define SIGMA_1(X) (_ssha256_sig1(X))
+#define SIGMA_0(X) (_sha256sig0(X))
+#define SIGMA_1(X) (_sha256sig1(X))
 
 #define ROUND(A,B,C,D,E,F,G,H,K,W) { \
     H  = H + SUM_1(E) + CH(E,F,G) + K + W   ; \
diff --git a/benchmarks/sha512/zscrypto_rv64/sha512.c b/benchmarks/sha512/zscrypto_rv64/sha512.c
index 4cd0aac9..ff703a58 100644
--- a/benchmarks/sha512/zscrypto_rv64/sha512.c
+++ b/benchmarks/sha512/zscrypto_rv64/sha512.c
@@ -64,11 +64,11 @@ static inline void sha512_hash_init (
 #define CH(X,Y,Z)  ((X&Y)^(~X&Z))
 #define MAJ(X,Y,Z) ((X&Y)^(X&Z)^(Y&Z))
 
-#define SUM_0(X)   (_ssha512_sum0(X))
-#define SUM_1(X)   (_ssha512_sum1(X))
+#define SUM_0(X)   (_sha512sum0(X))
+#define SUM_1(X)   (_sha512sum1(X))
 
-#define SIGMA_0(X) (_ssha512_sig0(X))
-#define SIGMA_1(X) (_ssha512_sig1(X))
+#define SIGMA_0(X) (_sha512sig0(X))
+#define SIGMA_1(X) (_sha512sig1(X))
 
 #define ROUND(A,B,C,D,E,F,G,H,K,W) { \
     H  = H + SUM_1(E) + CH(E,F,G) + K + W   ; \
diff --git a/benchmarks/share/riscv-crypto-intrinsics.h b/benchmarks/share/riscv-crypto-intrinsics.h
index dd09c2e9..54904c95 100644
--- a/benchmarks/share/riscv-crypto-intrinsics.h
+++ b/benchmarks/share/riscv-crypto-intrinsics.h
@@ -24,10 +24,10 @@
 //
 
 #if (defined(__ZSCRYPTO) && (defined(RISCV_CRYPTO_RV32) || defined(RISCV_CRYPTO_RV64)))
-static inline uint32_t _ssha256_sig0 (uint32_t rs1) {uint32_t rd; __asm__ ("ssha256.sig0 %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
-static inline uint32_t _ssha256_sig1 (uint32_t rs1) {uint32_t rd; __asm__ ("ssha256.sig1 %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
-static inline uint32_t _ssha256_sum0 (uint32_t rs1) {uint32_t rd; __asm__ ("ssha256.sum0 %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
-static inline uint32_t _ssha256_sum1 (uint32_t rs1) {uint32_t rd; __asm__ ("ssha256.sum1 %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
+static inline uint32_t _sha256sig0 (uint32_t rs1) {uint32_t rd; __asm__ ("sha256sig0 %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
+static inline uint32_t _sha256sig1 (uint32_t rs1) {uint32_t rd; __asm__ ("sha256sig1 %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
+static inline uint32_t _sha256sum0 (uint32_t rs1) {uint32_t rd; __asm__ ("sha256sum0 %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
+static inline uint32_t _sha256sum1 (uint32_t rs1) {uint32_t rd; __asm__ ("sha256sum1 %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
 #endif
 
 //
@@ -35,17 +35,17 @@ static inline uint32_t _ssha256_sum1 (uint32_t rs1) {uint32_t rd; __asm__ ("ssha
 //
 
 #if defined(__ZSCRYPTO) && defined(RISCV_CRYPTO_RV32)
-static inline uint32_t _ssha512_sig0l(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("ssha512.sig0l %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
-static inline uint32_t _ssha512_sig0h(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("ssha512.sig0h %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
-static inline uint32_t _ssha512_sig1l(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("ssha512.sig1l %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
-static inline uint32_t _ssha512_sig1h(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("ssha512.sig1h %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
-static inline uint32_t _ssha512_sum0r(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("ssha512.sum0r %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
-static inline uint32_t _ssha512_sum1r(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("ssha512.sum1r %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
+static inline uint32_t _sha512sig0l(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("sha512sig0l %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
+static inline uint32_t _sha512sig0h(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("sha512sig0h %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
+static inline uint32_t _sha512sig1l(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("sha512sig1l %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
+static inline uint32_t _sha512sig1h(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("sha512sig1h %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
+static inline uint32_t _sha512sum0r(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("sha512sum0r %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
+static inline uint32_t _sha512sum1r(uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__ ("sha512sum1r %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
 #elif defined(__ZSCRYPTO) && defined(RISCV_CRYPTO_RV64)
-static inline uint64_t _ssha512_sig0 (uint64_t rs1) {uint64_t rd; __asm__ ("ssha512.sig0  %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
-static inline uint64_t _ssha512_sig1 (uint64_t rs1) {uint64_t rd; __asm__ ("ssha512.sig1  %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
-static inline uint64_t _ssha512_sum0 (uint64_t rs1) {uint64_t rd; __asm__ ("ssha512.sum0  %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
-static inline uint64_t _ssha512_sum1 (uint64_t rs1) {uint64_t rd; __asm__ ("ssha512.sum1  %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
+static inline uint64_t _sha512sig0 (uint64_t rs1) {uint64_t rd; __asm__ ("sha512sig0  %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
+static inline uint64_t _sha512sig1 (uint64_t rs1) {uint64_t rd; __asm__ ("sha512sig1  %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
+static inline uint64_t _sha512sum0 (uint64_t rs1) {uint64_t rd; __asm__ ("sha512sum0  %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
+static inline uint64_t _sha512sum1 (uint64_t rs1) {uint64_t rd; __asm__ ("sha512sum1  %0, %1" : "=r"(rd) : "r"(rs1)); return rd;}
 #endif
 
 //
@@ -53,24 +53,20 @@ static inline uint64_t _ssha512_sum1 (uint64_t rs1) {uint64_t rd; __asm__ ("ssha
 //
 
 #if (defined(__ZSCRYPTO) && defined(RISCV_CRYPTO_RV32))
-static inline uint32_t _saes32_encs (uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("saes32.encs  %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
-static inline uint32_t _saes32_encsm(uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("saes32.encsm %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
-static inline uint32_t _saes32_decs (uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("saes32.decs  %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
-static inline uint32_t _saes32_decsm(uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("saes32.decsm %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
+static inline uint32_t _aes32esi (uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("aes32esi  %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
+static inline uint32_t _aes32esmi(uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("aes32esmi %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
+static inline uint32_t _aes32dsi (uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("aes32dsi  %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
+static inline uint32_t _aes32dsmi(uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("aes32dsmi %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
 #endif
 
 #if (defined(__ZSCRYPTO) && defined(RISCV_CRYPTO_RV64))
-static inline uint64_t _saes64_ks1     (uint64_t rs1, int      rcon) {uint64_t rd; __asm__("saes64.ks1      %0, %1, %2" : "=r"(rd) : "r"(rs1), "i"(rcon)); return rd;}
-static inline uint64_t _saes64_ks2     (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.ks2      %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
-static inline uint64_t _saes64_imix    (uint64_t rs1               ) {uint64_t rd; __asm__("saes64.imix     %0, %1    " : "=r"(rd) : "r"(rs1)           ); return rd;}
-static inline uint64_t _saes64_encsm_lo(uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.encsm.lo %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
-static inline uint64_t _saes64_encsm_hi(uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.encsm.hi %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
-static inline uint64_t _saes64_encs_lo (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.encs.lo  %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
-static inline uint64_t _saes64_encs_hi (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.encs.hi  %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
-static inline uint64_t _saes64_decsm_lo(uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.decsm.lo %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
-static inline uint64_t _saes64_decsm_hi(uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.decsm.hi %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
-static inline uint64_t _saes64_decs_lo (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.decs.lo  %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
-static inline uint64_t _saes64_decs_hi (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("saes64.decs.hi  %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
+static inline uint64_t _aes64ks1i  (uint64_t rs1, int      rcon) {uint64_t rd; __asm__("aes64ks1i %0, %1, %2" : "=r"(rd) : "r"(rs1), "i"(rcon)); return rd;}
+static inline uint64_t _aes64ks2   (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("aes64ks2  %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
+static inline uint64_t _aes64im    (uint64_t rs1               ) {uint64_t rd; __asm__("aes64im   %0, %1    " : "=r"(rd) : "r"(rs1)           ); return rd;}
+static inline uint64_t _aes64esm   (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("aes64esm  %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
+static inline uint64_t _aes64es    (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("aes64es   %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
+static inline uint64_t _aes64dsm   (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("aes64dsm  %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
+static inline uint64_t _aes64ds    (uint64_t rs1, uint64_t rs2 ) {uint64_t rd; __asm__("aes64ds   %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2 )); return rd;}
 #endif
 
 //
@@ -78,8 +74,8 @@ static inline uint64_t _saes64_decs_hi (uint64_t rs1, uint64_t rs2 ) {uint64_t r
 //
 
 #if (defined(__ZSCRYPTO))
-static inline uint32_t _ssm4_ks (uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("ssm4.ks %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
-static inline uint32_t _ssm4_ed (uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("ssm4.ed %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
+static inline uint32_t _sm4ks (uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("sm4ks %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
+static inline uint32_t _sm4ed (uint32_t rs1, uint32_t rs2, int bs) {uint32_t rd; __asm__("sm4ed %0, %1, %2, %3" : "=r"(rd) : "r"(rs1), "r"(rs2), "i"(bs)); return rd;}
 #endif
 
 //
@@ -87,8 +83,8 @@ static inline uint32_t _ssm4_ed (uint32_t rs1, uint32_t rs2, int bs) {uint32_t r
 //
 
 #if (defined(__ZSCRYPTO))
-static inline uint32_t _ssm3_p0 (uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__("ssm3.p0 %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
-static inline uint32_t _ssm3_p1 (uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__("ssm3.p1 %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
+static inline uint32_t _sm3p0 (uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__("sm3p0 %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
+static inline uint32_t _sm3p1 (uint32_t rs1, uint32_t rs2) {uint32_t rd; __asm__("sm3p1 %0, %1, %2" : "=r"(rd) : "r"(rs1), "r"(rs2)); return rd;}
 #endif
 
 //
diff --git a/benchmarks/sm4/zscrypto/sm4_zscrypto.c b/benchmarks/sm4/zscrypto/sm4_zscrypto.c
index 33cc9c92..9a29fa62 100644
--- a/benchmarks/sm4/zscrypto/sm4_zscrypto.c
+++ b/benchmarks/sm4/zscrypto/sm4_zscrypto.c
@@ -25,18 +25,18 @@ const uint32_t CK [32] = {
 };
 
 static inline uint32_t ssm4_ks4(uint32_t rs1, uint32_t rs2) {
-    rs1 = _ssm4_ks(rs1, rs2, 0);
-    rs1 = _ssm4_ks(rs1, rs2, 1);
-    rs1 = _ssm4_ks(rs1, rs2, 2);
-    rs1 = _ssm4_ks(rs1, rs2, 3);
+    rs1 = _sm4ks(rs1, rs2, 0);
+    rs1 = _sm4ks(rs1, rs2, 1);
+    rs1 = _sm4ks(rs1, rs2, 2);
+    rs1 = _sm4ks(rs1, rs2, 3);
     return rs1;
 }
 
 static inline uint32_t ssm4_ed4(uint32_t rs1, uint32_t rs2) {
-    rs1 = _ssm4_ed(rs1, rs2, 0);
-    rs1 = _ssm4_ed(rs1, rs2, 1);
-    rs1 = _ssm4_ed(rs1, rs2, 2);
-    rs1 = _ssm4_ed(rs1, rs2, 3);
+    rs1 = _sm4ed(rs1, rs2, 0);
+    rs1 = _sm4ed(rs1, rs2, 1);
+    rs1 = _sm4ed(rs1, rs2, 2);
+    rs1 = _sm4ed(rs1, rs2, 3);
     return rs1;
 }
 
diff --git a/doc/opcodes-crypto-scalar.tex b/doc/opcodes-crypto-scalar.tex
index 0a3df8b2..1d9fe0e2 100644
--- a/doc/opcodes-crypto-scalar.tex
+++ b/doc/opcodes-crypto-scalar.tex
@@ -9,7 +9,7 @@
 \bitbox{3}{\tt 011}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssm4.ed}\\%
+\bitbox{9}{\bf\tt sm4ed}\\%
 \bitbox{2}{\tt bs}%
 \bitbox{5}{\tt 00101}%
 \bitbox{5}{\tt rs2}%
@@ -17,7 +17,7 @@
 \bitbox{3}{\tt 011}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssm4.ks}\\%
+\bitbox{9}{\bf\tt sm4ks}\\%
 \bitbox{2}{\tt bs}%
 \bitbox{5}{\tt 00000}%
 \bitbox{5}{\tt rs2}%
@@ -25,7 +25,7 @@
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes32.encsm}\\%
+\bitbox{9}{\bf\tt aes32esmi}\\%
 \bitbox{2}{\tt bs}%
 \bitbox{5}{\tt 00001}%
 \bitbox{5}{\tt rs2}%
@@ -33,7 +33,7 @@
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes32.encs}\\%
+\bitbox{9}{\bf\tt aes32esi}\\%
 \bitbox{2}{\tt bs}%
 \bitbox{5}{\tt 00010}%
 \bitbox{5}{\tt rs2}%
@@ -41,7 +41,7 @@
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes32.decsm}\\%
+\bitbox{9}{\bf\tt aes32dsmi}\\%
 \bitbox{2}{\tt bs}%
 \bitbox{5}{\tt 00011}%
 \bitbox{5}{\tt rs2}%
@@ -49,7 +49,7 @@
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes32.decs}\\%
+\bitbox{9}{\bf\tt aes32dsi}\\%
 \bitbox{7}{\tt 0000100}%
 \bitbox{1}{\tt 0}%
 \bitbox{4}{\tt rcon}%
@@ -57,166 +57,166 @@
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes64.ks1}\\%
+\bitbox{9}{\bf\tt aes64ks1i}\\%
 \bitbox{7}{\tt 0000101}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes64.ks2}\\%
+\bitbox{9}{\bf\tt aes64ks2}\\%
 \bitbox{7}{\tt 0000110}%
 \bitbox{5}{\tt 00001}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes64.imix}\\%
+\bitbox{9}{\bf\tt aes64im}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes64.encsm}\\%
+\bitbox{9}{\bf\tt aes64esm}\\%
 \bitbox{7}{\tt 0001000}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes64.encs}\\%
+\bitbox{9}{\bf\tt aes64es}\\%
 \bitbox{7}{\tt 0001001}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes64.decsm}\\%
+\bitbox{9}{\bf\tt aes64dsm}\\%
 \bitbox{7}{\tt 0001010}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 010}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt saes64.decs}\\%
+\bitbox{9}{\bf\tt aes64ds}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 00000}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha256.sig0}\\%
+\bitbox{9}{\bf\tt sha256sig0}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 00001}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha256.sig1}\\%
+\bitbox{9}{\bf\tt sha256sig1}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 00010}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha256.sum0}\\%
+\bitbox{9}{\bf\tt sha256sum0}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 00011}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha256.sum1}\\%
+\bitbox{9}{\bf\tt sha256sum1}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 01000}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssm3.p0}\\%
+\bitbox{9}{\bf\tt sm3p0}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 01001}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssm3.p1}\\%
+\bitbox{9}{\bf\tt sm3p1}\\%
 \bitbox{7}{\tt 0001000}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sig0l}\\%
+\bitbox{9}{\bf\tt sha512sig0l}\\%
 \bitbox{7}{\tt 0001001}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sig0h}\\%
+\bitbox{9}{\bf\tt sha512sig0h}\\%
 \bitbox{7}{\tt 0001010}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sig1l}\\%
+\bitbox{9}{\bf\tt sha512sig1l}\\%
 \bitbox{7}{\tt 0001011}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sig1h}\\%
+\bitbox{9}{\bf\tt sha512sig1h}\\%
 \bitbox{7}{\tt 0001100}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sum0r}\\%
+\bitbox{9}{\bf\tt sha512sum0r}\\%
 \bitbox{7}{\tt 0001101}%
 \bitbox{5}{\tt rs2}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sum1r}\\%
+\bitbox{9}{\bf\tt sha512sum1r}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 00100}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sig0}\\%
+\bitbox{9}{\bf\tt sha512sig0}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 00101}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sig1}\\%
+\bitbox{9}{\bf\tt sha512sig1}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 00110}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sum0}\\%
+\bitbox{9}{\bf\tt sha512sum0}\\%
 \bitbox{7}{\tt 0000111}%
 \bitbox{5}{\tt 00111}%
 \bitbox{5}{\tt rs1}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt ssha512.sum1}\\%
+\bitbox{9}{\bf\tt sha512sum1}\\%
 \bitbox{7}{\tt 0001111}%
 \bitbox{5}{\tt shamtw}%
 \bitbox{5}{\tt 01010}%
 \bitbox{3}{\tt 111}%
 \bitbox{5}{\tt rd}%
 \bitbox{7}{\tt 0101011}%
-\bitbox{9}{\bf\tt pollentropy}\\%
+\bitbox{9}{\bf\tt pollentropyi}\\%
 \end{bytefield}
diff --git a/doc/opcodes-crypto-vector.tex b/doc/opcodes-crypto-vector.tex
index d4090522..46fc30fd 100644
--- a/doc/opcodes-crypto-vector.tex
+++ b/doc/opcodes-crypto-vector.tex
@@ -74,7 +74,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes128keyi}\\%
+\bitbox{9}{\bf\tt vaes128keyi.vv}\\%
 \bitbox{6}{\tt 000000}%
 \bitbox{1}{\tt 0}%
 \bitbox{5}{\tt 01000}%
@@ -83,7 +83,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes128invkeyi}\\%
+\bitbox{9}{\bf\tt vaes128invkeyi.vv}\\%
 \bitbox{6}{\tt 000001}%
 \bitbox{1}{\tt 0}%
 \bitbox{5}{\tt vs2}%
@@ -92,7 +92,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes192keyi}\\%
+\bitbox{9}{\bf\tt vaes192keyi.vv}\\%
 \bitbox{6}{\tt 000001}%
 \bitbox{1}{\tt 0}%
 \bitbox{5}{\tt vs2}%
@@ -101,7 +101,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes192invkeyi}\\%
+\bitbox{9}{\bf\tt vaes192invkeyi.vv}\\%
 \bitbox{6}{\tt 000001}%
 \bitbox{1}{\tt 1}%
 \bitbox{5}{\tt vs2}%
@@ -110,7 +110,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes256keyi}\\%
+\bitbox{9}{\bf\tt vaes256keyi.vv}\\%
 \bitbox{6}{\tt 000001}%
 \bitbox{1}{\tt 1}%
 \bitbox{5}{\tt vs2}%
@@ -119,7 +119,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes256invkeyi}\\%
+\bitbox{9}{\bf\tt vaes256invkeyi.vv}\\%
 \bitbox{6}{\tt 000010}%
 \bitbox{1}{\tt 0}%
 \bitbox{5}{\tt 00000}%
@@ -223,7 +223,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes128rkey}\\%
+\bitbox{9}{\bf\tt vaes128rkey.vv}\\%
 \bitbox{6}{\tt 000010}%
 \bitbox{1}{\tt 0}%
 \bitbox{5}{\tt 01100}%
@@ -231,7 +231,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes192rkey}\\%
+\bitbox{9}{\bf\tt vaes192rkey.vv}\\%
 \bitbox{6}{\tt 000010}%
 \bitbox{1}{\tt 0}%
 \bitbox{5}{\tt 01100}%
@@ -239,7 +239,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vaes256rkey}\\%
+\bitbox{9}{\bf\tt vaes256rkey.vv}\\%
 \bitbox{6}{\tt 000011}%
 \bitbox{1}{\tt 0}%
 \bitbox{5}{\tt vs2}%
@@ -248,7 +248,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vsha2.ws}\\%
+\bitbox{9}{\bf\tt vsha2wsi.vv}\\%
 \bitbox{6}{\tt 000011}%
 \bitbox{1}{\tt 1}%
 \bitbox{5}{\tt 00000}%
@@ -256,7 +256,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vd}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vsha2.ms}\\%
+\bitbox{9}{\bf\tt vsha2ms.vv}\\%
 \bitbox{6}{\tt 000011}%
 \bitbox{1}{\tt 1}%
 \bitbox{5}{\tt 00001}%
@@ -264,7 +264,7 @@
 \bitbox{3}{\tt 000}%
 \bitbox{5}{\tt vt}%
 \bitbox{7}{\tt 1011011}%
-\bitbox{9}{\bf\tt vsha2.hs}\\%
+\bitbox{9}{\bf\tt vsha2hs.vv}\\%
 \bitbox{6}{\tt 010000}%
 \bitbox{1}{\tt vm}%
 \bitbox{5}{\tt vs2}%
diff --git a/doc/tex/sec-scalar-aes.tex b/doc/tex/sec-scalar-aes.tex
index 45a07e57..a3070943 100644
--- a/doc/tex/sec-scalar-aes.tex
+++ b/doc/tex/sec-scalar-aes.tex
@@ -14,10 +14,10 @@ \subsubsection{RV32 Instructions}
 \label{sec:scalar:aes:rv32}
 
 \begin{cryptoisa}
-saes32.encs      rd, rs1, rs2, bs // Encrypt: SubBytes
-saes32.encsm     rd, rs1, rs2, bs // Encrypt: SubBytes & MixColumns
-saes32.decs      rd, rs1, rs2, bs // Decrypt: SubBytes
-saes32.decsm     rd, rs1, rs2, bs // Decrypt: SubBytes & MixColumns
+aes32esi     rd, rs1, rs2, bs // Encrypt: SubBytes
+aes32esmi    rd, rs1, rs2, bs // Encrypt: SubBytes & MixColumns
+aes32dsi     rd, rs1, rs2, bs // Decrypt: SubBytes
+aes32dsmi    rd, rs1, rs2, bs // Decrypt: SubBytes & MixColumns
 \end{cryptoisa}
 
 These instructions are a very lightweight proposal, derived from
@@ -58,13 +58,13 @@ \subsubsection{RV64 Instructions}
 \label{sec:scalar:aes:rv64}
 
 \begin{cryptoisa}
-saes64.ks1   rd, rs1, rcon // KeySchedule: SubBytes, Rotate, Round Const
-saes64.ks2   rd, rs1, rs2  // KeySchedule: XOR summation
-saes64.imix  rd, rs1       // KeySchedule: InvMixColumns for Decrypt
-saes64.encsm rd, rs1, rs2  // Round:    ShiftRows,    SubBytes,    MixColumns
-saes64.encs  rd, rs1, rs2  // Round:    ShiftRows,    SubBytes
-saes64.decsm rd, rs1, rs2  // Round: InvShiftRows, InvSubBytes, InvMixColumns
-saes64.decs  rd, rs1, rs2  // Round: InvShiftRows, InvSubBytes
+aes64ks1i  rd, rs1, rcon // KeySchedule: SubBytes, Rotate, Round Const
+aes64ks2   rd, rs1, rs2  // KeySchedule: XOR summation
+aes64im    rd, rs1       // KeySchedule: InvMixColumns for Decrypt
+aes64esm   rd, rs1, rs2  // Round:    ShiftRows,    SubBytes,    MixColumns
+aes64es    rd, rs1, rs2  // Round:    ShiftRows,    SubBytes
+aes64dsm   rd, rs1, rs2  // Round: InvShiftRows, InvSubBytes, InvMixColumns
+aes64ds    rd, rs1, rs2  // Round: InvShiftRows, InvSubBytes
 \end{cryptoisa}
 
 These instructions are for RV64 only.
@@ -81,15 +81,15 @@ \subsubsection{RV64 Instructions}
 
 \item
 The
-\mnemonic{saes64.ks1}/\mnemonic{saes64.ks2}
+\mnemonic{aes64ks1i}/\mnemonic{aes64ks2}
 instructions are used in the encrypt KeySchedule.
-\mnemonic{saes64.ks1} implements the rotation, SubBytes and Round Constant
+\mnemonic{aes64ks1i} implements the rotation, SubBytes and Round Constant
 addition steps.
-\mnemonic{saes64.ks2} implements the remaining {\tt xor} operations.
+\mnemonic{aes64ks2} implements the remaining {\tt xor} operations.
 
 \item
 The
-\mnemonic{saes64.imix}
+\mnemonic{aes64im}
 instruction applies the inverse MixColumns
 transformation to two columns of the state array, packed into a single
 64-bit register.
@@ -98,11 +98,11 @@ \subsubsection{RV64 Instructions}
 \cite[Page 23, Section 5.3.5]{nist:fips:197}.
 
 \item
-The \mnemonic{saes64.encsm}/\mnemonic{saes64.decsm} instructions perform the
+The \mnemonic{aes64esm}/\mnemonic{aes64dsm} instructions perform the
 (Inverse) SubBytes, ShiftRows and MixColumns Transformations.
 
 \item
-The \mnemonic{saes64.encs}/\mnemonic{saes64.decs} instructions perform the
+The \mnemonic{aes64es}/\mnemonic{aes64ds} instructions perform the
 (Inverse) SubBytes and ShiftRows Transformations.
 They are used for the last round only.
 
@@ -114,8 +114,8 @@ \subsubsection{RV64 Instructions}
 {\tt t0} and {\tt t1} hold the current round state.
 {\tt t2} and {\tt t3} hold the next round state.
 \begin{lstlisting}
-saes64.encsm t2, t0, t1 // ShiftRows, SubBytes, MixColumns bytes 0..7
-saes64.encsm t3, t1, t0 // "          "         "          "     8..15
+aes64esm t2, t0, t1 // ShiftRows, SubBytes, MixColumns bytes 0..7
+aes64esm t3, t1, t0 // "          "         "          "     8..15
 \end{lstlisting}
 \end{itemize}
 
@@ -131,8 +131,8 @@ \subsubsection{RV64 Instructions}
 These instructions are amenable to macro-op fusion.
 The recommended sequences are:
 \begin{lstlisting}[language=pseudo]
-saes64.encsm rd1, rs1, rs2 // Different destination registers,
-saes64.encsm rd2, rs2, rs1 // identical source registers with swapped order.
+aes64esm rd1, rs1, rs2 // Different destination registers,
+aes64esm rd2, rs2, rs1 // identical source registers with swapped order.
 \end{lstlisting}
 This is similar to the recommended \mnemonic{mulh}, \mnemonic{mul}
 sequence in the M extension to compute a full $32*32->64$ bit
@@ -148,9 +148,9 @@ \subsubsection{RV64 Instructions}
 \caption{
 Mapping of AES state between input and output registers for the round
 instructions.
-{\tt Rout1} is given by \mnemonic{saes64.encsm rd, rs1, rs2},
+{\tt Rout1} is given by \mnemonic{aes64esm rd, rs1, rs2},
 and
-{\tt Rout2}          by \mnemonic{saes64.encsm rd, rs2, rs1}.
+{\tt Rout2}          by \mnemonic{aes64esm rd, rs2, rs1}.
 The {\tt [Inv]ShiftRows} blocks show how to select the relevant $8$ bytes
 for further processing from the concatenation {\tt rs2 || \tt rs1}.
 }
diff --git a/doc/tex/sec-scalar-sha2.tex b/doc/tex/sec-scalar-sha2.tex
index 3aaa72c4..e305ad16 100644
--- a/doc/tex/sec-scalar-sha2.tex
+++ b/doc/tex/sec-scalar-sha2.tex
@@ -6,10 +6,10 @@ \subsection{Scalar SHA-256 / SHA-512 Acceleration}
 \subsubsection{SHA-256 Instructions}
 
 \begin{cryptoisa}
-ssha256.sig0 rd, rs1
-ssha256.sig1 rd, rs1
-ssha256.sum0 rd, rs1
-ssha256.sum1 rd, rs1
+sha256sig0 rd, rs1
+sha256sig1 rd, rs1
+sha256sum0 rd, rs1
+sha256sum1 rd, rs1
 \end{cryptoisa}
 
 The {\tt ssha256.*}
@@ -23,27 +23,27 @@ \subsubsection{SHA-256 Instructions}
 SHA-224 and SHA-256 parameterisations as described in
 \cite{nist:fips:180:4}.
 SAIL Model code for each instruction is found in figure
-\ref{fig:sail:ssha256}.
+\ref{fig:sail:sha256}.
 
 \begin{figure}[h]
 \lstinputlisting[language=sail,firstline=46,lastline=56]{../sail/riscv_insts_crypto.sail}
 \caption{SAIL specification for the scalar RV32/RV64 SHA256 instructions.}
-\label{fig:sail:ssha256}
+\label{fig:sail:sha256}
 \end{figure}
 
 \subsubsection{SHA-512 Instructions}
 
 \begin{cryptoisa}
 RV32:                                       RV64:
-  ssha512.sum0r rd, rs1, rs2                  ssha512.sig0 rd, rs1
-  ssha512.sum1r rd, rs1, rs2                  ssha512.sig1 rd, rs1
-  ssha512.sig0l rd, rs1, rs2                  ssha512.sum0 rd, rs1
-  ssha512.sig0h rd, rs1, rs2                  ssha512.sum1 rd, rs1
-  ssha512.sig1l rd, rs1, rs2 
-  ssha512.sig1h rd, rs1, rs2 
+  sha512sum0r rd, rs1, rs2                    sha512sig0 rd, rs1
+  sha512sum1r rd, rs1, rs2                    sha512sig1 rd, rs1
+  sha512sig0l rd, rs1, rs2                    sha512sum0 rd, rs1
+  sha512sig0h rd, rs1, rs2                    sha512sum1 rd, rs1
+  sha512sig1l rd, rs1, rs2 
+  sha512sig1h rd, rs1, rs2 
 \end{cryptoisa}
 
-The \mnemonic{ssha512.*}
+The \mnemonic{sha512.*}
 instructions implement the four $\sigma$ and $\sum$ functions used in
 the SHA512 hash function \cite[Section 4.1.3]{nist:fips:180:4}.
 
@@ -52,11 +52,11 @@ \subsubsection{SHA-512 Instructions}
 The high or low 32-bits of the full 64-bit function result are then
 written to the destination register depending on the instruction.
 
-For the \mnemonic{ssha512.sum*r} instructions, the operation is based
+For the \mnemonic{sha512sum*r} instructions, the operation is based
 purely on rotations;
 the high or low 32-bits of the result can be selected by swapping
 the input source registers to the instruction.
-For the \mnemonic{sha512.sig*[l|h]} instructions, which include shifts,
+For the \mnemonic{sha512sig*[l|h]} instructions, which include shifts,
 the {\tt *l} instruction writes the {\em low} 32-bits of the $\sigma$
 transform, and the {\tt *h} instruction writes the {\em high} 32-bits.
 
@@ -68,9 +68,9 @@ \subsubsection{SHA-512 Instructions}
 parameterisations as described in \cite{nist:fips:180:4}.
 
 SAIL Model code for the RV32 and RV64 instructions can be found in
-Figure \ref{fig:sail:ssha512:rv32}
+Figure \ref{fig:sail:sha512:rv32}
 and
-Figure \ref{fig:sail:ssha512:rv64}
+Figure \ref{fig:sail:sha512:rv64}
 respectivley.
 
 \note{
@@ -88,11 +88,11 @@ \subsubsection{SHA-512 Instructions}
 \begin{figure}[h]
 \lstinputlisting[language=sail,firstline=143,lastline=156]{../sail/riscv_insts_crypto_rv32.sail}
 \caption{SAIL specification for the scalar RV32 SHA512 instructions.}
-\label{fig:sail:ssha512:rv32}
+\label{fig:sail:sha512:rv32}
 \end{figure}
 
 \begin{figure}[h]
 \lstinputlisting[language=sail,firstline=152,lastline=162]{../sail/riscv_insts_crypto_rv64.sail}
 \caption{SAIL specification for the scalar RV64 SHA512 instructions.}
-\label{fig:sail:ssha512:rv64}
+\label{fig:sail:sha512:rv64}
 \end{figure}
diff --git a/doc/tex/sec-scalar-sm3.tex b/doc/tex/sec-scalar-sm3.tex
index a4e0a0f5..ba8f6cb8 100644
--- a/doc/tex/sec-scalar-sm3.tex
+++ b/doc/tex/sec-scalar-sm3.tex
@@ -11,8 +11,8 @@ \subsection{Scalar SM3 Acceleration}
 
 \begin{cryptoisa}
 RV32, RV64
-    ssm3.p1 rd, rs1
-    ssm3.p0 rd, rs1
+    sm3p1 rd, rs1
+    sm3p0 rd, rs1
 \end{cryptoisa}
 
 The instructions implement versions of the $P_0$ and $P_1$
diff --git a/doc/tex/sec-scalar-sm4.tex b/doc/tex/sec-scalar-sm4.tex
index c16bb901..f0a16a6d 100644
--- a/doc/tex/sec-scalar-sm4.tex
+++ b/doc/tex/sec-scalar-sm4.tex
@@ -8,8 +8,8 @@ \subsection{Scalar SM4 Acceleration}
 
 \begin{cryptoisa}
 RV32 / RV64:
-    ssm4.ed     rd, rs1, rs2, bs
-    ssm4.ks     rd, rs1, rs2, bs
+    sm4ed     rd, rs1, rs2, bs
+    sm4ks     rd, rs1, rs2, bs
 \end{cryptoisa}
 
 The instructions are taken from proposals found in \cite{MJS:LWAES:20}.
@@ -19,9 +19,9 @@ \subsection{Scalar SM4 Acceleration}
 software implementation.
 
 \begin{itemize}
-\item \mnemonic{ssm4.ed} - Encrypt/Decrypt instruction. Applies the
+\item \mnemonic{sm4ed} - Encrypt/Decrypt instruction. Applies the
     SBox and $L$ transformations as part of the round function.
-\item \mnemonic{ssm4.ks} - KeySchedule instruction. Applies the
+\item \mnemonic{sm4ks} - KeySchedule instruction. Applies the
     SBox and $L'$ transformations as part of the KeySchedule.
 \end{itemize}
 
diff --git a/doc/tex/sec-scalar.tex b/doc/tex/sec-scalar.tex
index ab43abdf..4c3fbdf0 100644
--- a/doc/tex/sec-scalar.tex
+++ b/doc/tex/sec-scalar.tex
@@ -19,6 +19,7 @@
 
 \import{./}{sec-scalar-bitmanip.tex}
 \import{./}{sec-scalar-aes.tex}
+\clearpage
 \import{./}{sec-scalar-sha2.tex}
 \import{./}{sec-scalar-sm3.tex}
 \import{./}{sec-scalar-sm4.tex}
diff --git a/doc/tex/sec-vector-aes.tex b/doc/tex/sec-vector-aes.tex
index c8d2f91f..c16b9b2d 100644
--- a/doc/tex/sec-vector-aes.tex
+++ b/doc/tex/sec-vector-aes.tex
@@ -54,16 +54,16 @@ \subsection{Vector AES Acceleration - Per Round}
 E.g. an implementation with $\VLEN=64$ may set $\LMUL=2$ and $\SEW=128$.
 
 \begin{cryptoisa}
-vaes128keyi     vrt,       rnd    // 1  <= rnd <= 10
-vaes192keyi     vrt, vrs2, rnd    // 1  <= rnd <= 12
-vaes256keyi     vrt, vrs2, rnd    // 2  <= rnd <= 14
+vaes128keyi.vv    vrt,       rnd    // 1  <= rnd <= 10
+vaes192keyi.vv    vrt, vrs2, rnd    // 1  <= rnd <= 12
+vaes256keyi.vv    vrt, vrs2, rnd    // 2  <= rnd <= 14
 
-vaes128invkeyi  vrt,       rnd    // 9  => rnd =>  0
-vaes192invkeyi  vrt, vrs2, rnd    // 10 => rnd =>  0
-vaes256invkeyi  vrt, vrs2, rnd    // 12 => rnd =>  0
+vaes128invkeyi.vv vrt,       rnd    // 9  => rnd =>  0
+vaes192invkeyi.vv vrt, vrs2, rnd    // 10 => rnd =>  0
+vaes256invkeyi.vv vrt, vrs2, rnd    // 12 => rnd =>  0
 \end{cryptoisa}
 
-The \mnemonic{vaes*keyi} instructions
+The \mnemonic{vaes*keyi.vv} instructions
 are used to compute the {\em next} AES round key for encryption
 or decryption.
 In the round number is supplied by the $4$-bit {\tt rnd} immediate.
@@ -71,14 +71,14 @@ \subsection{Vector AES Acceleration - Per Round}
 Setting {\tt vl=1, vstart=0} will cause the instruction to work on only a
 single vector element.
 
-The \mnemonic{vaes128keyi} instruction computes
+The \mnemonic{vaes128keyi.vv} instruction computes
 the {\em next} round key
 from the
 {\em current} round key
 stored in \vrt,
 and writes the result back to \vrt.
 
-The \mnemonic{vaes192keyi} and \mnemonic{vaes256keyi} instructions
+The \mnemonic{vaes192keyi.vv} and \mnemonic{vaes256keyi.vv} instructions
 compute the {\em next} round key
 from the
 {\em current} round key stored in \vrs{1} {\em and}
@@ -173,7 +173,7 @@ \subsection{Vector AES Acceleration - Per Round}
 
 \begin{figure}[h]
 \begin{lstlisting}[language=pseudo]
-vaes128keyi     vrt, rnd:
+vaes128keyi.vv  vrt, rnd:
     for i=vstart, i<vl, i++:
         tmp.128       = vrt[i]
         tmp.32[0]    ^= RoundConstants[rnd]
@@ -265,9 +265,9 @@ \subsection{Vector AES Acceleration - All Round}
 of \vrs{1} and \vrt to perform encryption/decryption.
 
 \begin{cryptoisa}
-vaes128rkey vrt    // Compute final round key from cipher key.
-vaes192rkey vrt    // Compute final two round keys from cipher key.
-vaes256rkey vrt    // Compute final two round keys from cipher key.
+vaes128rkey.vv vrt    // Compute final round key from cipher key.
+vaes192rkey.vv vrt    // Compute final two round keys from cipher key.
+vaes256rkey.vv vrt    // Compute final two round keys from cipher key.
 \end{cryptoisa}
 
 These instructions are used to quickly derive the final round key(s)
@@ -282,12 +282,12 @@ \subsection{Vector AES Acceleration - All Round}
 Executing these instructions with any other value of \SEW will cause
 an invalid opcode exception.
 
-The \mnemonic{vaes128rkey} instruction takes a single
+The \mnemonic{vaes128rkey.vv} instruction takes a single
 vector source register \vrt, and for each $128$-bit element, computes
 the final AES-128 round key.
 The result is then written back to {\tt vrt}.
 
-The \mnemonic{vaes192rkey} instruction takes a single
+The \mnemonic{vaes192rkey.vv} instruction takes a single
 vector source register {\tt vrt}, and for each $256$-bit element
 (containing a $192$-bit cipher key),
 computes the final two AES-192 round keys.
@@ -297,7 +297,7 @@ \subsection{Vector AES Acceleration - All Round}
 The result is written back to \vrt with
 $\EEW=2*\SEW$ and $\EMUL=2*\LMUL$.
 
-The \mnemonic{vaes256rkey} instruction takes a single
+The \mnemonic{vaes256rkey.vv} instruction takes a single
 vector source register {\tt vrt}, and for each $256$-bit element
 (containing a $256$-bit cipher key),
 computes the final two AES-192 round keys.
@@ -307,7 +307,7 @@ \subsection{Vector AES Acceleration - All Round}
 The result is written back to \vrt with
 $\EEW=2*\SEW$ and $\EMUL=2*\LMUL$.
 
-\todo{For the vaes192/256rkey instructions, they essentially operate on
+\todo{For the vaes192/256rkey.vv instructions, they essentially operate on
 $256$-bit elements. Currently they are defined as needing $\SEW=128$
 and then {\em interpreting} \vrt with $\EEW=2*\SEW$.
 This keeps them consistent with the all rounds encrypt/decrypt
diff --git a/doc/tex/sec-vector-grev.tex b/doc/tex/sec-vector-grev.tex
index 0b4e57de..651ed17b 100644
--- a/doc/tex/sec-vector-grev.tex
+++ b/doc/tex/sec-vector-grev.tex
@@ -2,11 +2,10 @@
 \subsection{Vector GREV}
 
 These instructions are vectorised versions of the Bitmanip
-\mnemonic{grevi} instruction described in
-Section \ref{sec:scalar:bitmanip:grev}.\footnote{
+\mnemonic{grevi} instruction\footnote{
 See \url{https://github.com/AndyGlew/Ri5-stuff/wiki/VGREV---Vector-Generalized-Reverse}
 for the initial design discussion around vector \mnemonic{grev}.
-}
+}.
 
 \begin{cryptoisa}
 vgrev.vi     vd, vs2, uimm, vm  // Vector-Immediate
diff --git a/doc/tex/sec-vector-rotate.tex b/doc/tex/sec-vector-rotate.tex
index 64272fc3..a1e1c325 100644
--- a/doc/tex/sec-vector-rotate.tex
+++ b/doc/tex/sec-vector-rotate.tex
@@ -2,11 +2,10 @@
 \subsection{Vector Rotation}
 
 These instructions provide bitwise rotation support for the
-Vector Extension, analogous to the scalar rotation instructions
-in Section \ref{sec:scalar:bitmanip:rotate}.\footnote{
+Vector Extension, analogous to the scalar rotation instructions\footnote{
 See \url{https://github.com/AndyGlew/Ri5-stuff/wiki/VROT---Vector-Rotate}
 for the initial design discussion around vector rotations.
-}
+}.
 
 \begin{cryptoisa}
 vrot.vv     vd, vs2, vs1, vm        // Vector-Vector
diff --git a/doc/tex/sec-vector-sha2.tex b/doc/tex/sec-vector-sha2.tex
index 9f0d20ee..dce72d89 100644
--- a/doc/tex/sec-vector-sha2.tex
+++ b/doc/tex/sec-vector-sha2.tex
@@ -3,8 +3,8 @@ \subsection{Vector SHA2 Acceleration - Per Round}
 \label{sec:vector:sha2:per-round}
 
 \begin{cryptoisa}
-vsha2.ms vrd, vrs1      // Update message states by 16 rounds.
-vsha2.ws vrt, vrs1, rnd // Update working states by 16 rounds.
+vsha2ms.vv  vrd, vrs1      // Update message states by 16 rounds.
+vsha2wsi.vv vrt, vrs1, rnd // Update working states by 16 rounds.
 \end{cryptoisa}
 
 These instructions are used to accelerate the SHA-256 and SHA-512
@@ -16,34 +16,34 @@ \subsection{Vector SHA2 Acceleration - Per Round}
 Executing these instructions with any other \SEW value will
 result in an Invalid Opcode Exception.
 
-The \mnemonic{vsha2.ms} instruction updates the current {\em message state}
+The \mnemonic{vsha2ms.vv} instruction updates the current {\em message state}
 stored in \vrs{1} with $16$ rounds of the SHA256/SHA512 hash function
 as defined by \SEW.
 The $16$ rounds are applied to each pair of $2*\SEW$
 elements stored in \vrs{1}.
 The result is then written back to \vrd as $2*\SEW$ elements.
 
-The \mnemonic{vsha2.ws} instruction updates the current {\em working state}
+The \mnemonic{vsha2wsi.vv} instruction updates the current {\em working state}
 by $16$ rounds.
 The $3$-bit {\tt rnd} immediate is used to identify the first of
 the $16$ rounds to apply, and hence select appropriate round constants.
 For SHA-256, valid {\tt rnd} values are $0, 16, 32$   and $48$.
 For SHA-512, valid {\tt rnd} values are $0, 16, 32, 48$ and $64$.
-Executing \mnemonic{vsha2.ws} with
+Executing \mnemonic{vsha2wsi.vv} with
 ${\tt rnd}=64$ 
 and
 {\tt SEW}=$256$
 will result in an Invalid Opcode Exception.
 
-\todo{The vsha2.ws immediate requires $3$ bits but only needs to express
+\todo{The vsha2ws.vv immediate requires $3$ bits but only needs to express
 upto $5$ values. Recommend embedding the immediate in the encoding directly
 to make the instructions require fewer encoding points.
 They can still be written as above in assembly to avoid confusing
 mnemonic names.}
 
-To support \mnemonic{vsha2.*} instructions with $\SEW=256$ (i.e. SHA256),
+To support \mnemonic{vsha2*} instructions with $\SEW=256$ (i.e. SHA256),
 implementations must support $\ELEN \ge 512$.
-To support \mnemonic{vsha2.*} instructions with $\SEW=512$ (i.e. SHA512),
+To support \mnemonic{vsha2*} instructions with $\SEW=512$ (i.e. SHA512),
 implementations must support $\ELEN \ge 1024$.
 Executing these instructions with said parameters on an implementation
 not meeting these criteria will cause an Invalid Opcode Exception.
@@ -60,7 +60,7 @@ \subsection{Vector SHA2 Acceleration - All Rounds}
 \label{sec:vector:sha2:all-round}
 
 \begin{cryptoisa}
-vsha2.hs vrt, vrs1      // Update hash states (all rounds).
+vsha2hs.vv vrt, vrs1      // Update hash states (all rounds).
 \end{cryptoisa}
 
 This instruction is used to accelerate the SHA-256 and SHA-512
@@ -72,7 +72,7 @@ \subsection{Vector SHA2 Acceleration - All Rounds}
 Executing these instructions with any other \SEW value will
 result in an Invalid Opcode Exception.
 
-The \mnemonic{vsha2.hs} instruction performs all
+The \mnemonic{vsha2hs.vv} instruction performs all
 $64$ (resp. $80$) rounds of the SHA-256 (resp. SHA-512) block function.
 The current hash state is sourced from \vrt,
 with $\EEW=\SEW$ and $\EMUL=\LMUL$.
diff --git a/sail/riscv_insts_crypto.sail b/sail/riscv_insts_crypto.sail
index abd74e44..98474a10 100644
--- a/sail/riscv_insts_crypto.sail
+++ b/sail/riscv_insts_crypto.sail
@@ -15,41 +15,41 @@
  */
 
 /* AST clauses for the SHA256 instructions. */
-union   clause ast    =    SSHA256_SIG0 : (regidx,regidx)
-union   clause ast    =    SSHA256_SIG1 : (regidx,regidx)
-union   clause ast    =    SSHA256_SUM0 : (regidx,regidx)
-union   clause ast    =    SSHA256_SUM1 : (regidx,regidx)
+union   clause ast    =    SHA256_SIG0 : (regidx,regidx)
+union   clause ast    =    SHA256_SIG1 : (regidx,regidx)
+union   clause ast    =    SHA256_SUM0 : (regidx,regidx)
+union   clause ast    =    SHA256_SUM1 : (regidx,regidx)
 
 
 /* Encode/decode mappings for the SHA256 instructions. */
-mapping clause encdec =    SSHA256_SIG0   (rs1,rd) <->
+mapping clause encdec =    SHA256_SIG0   (rs1,rd) <->
     0b000011100000 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause encdec =    SSHA256_SIG1   (rs1,rd) <->
+mapping clause encdec =    SHA256_SIG1   (rs1,rd) <->
     0b000011100001 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause encdec =    SSHA256_SUM0   (rs1,rd) <->
+mapping clause encdec =    SHA256_SUM0   (rs1,rd) <->
     0b000011100010 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause encdec =    SSHA256_SUM1   (rs1,rd) <->
+mapping clause encdec =    SHA256_SUM1   (rs1,rd) <->
     0b000011100011 @ rs1 @ 0b111 @ rd @ 0b0101011
 
 
 /* Assembly string mappings for the SHA256 instructions. */
-mapping clause assembly = SSHA256_SIG0 (rs1,rd) <-> "ssha256.sig0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
-mapping clause assembly = SSHA256_SIG1 (rs1,rd) <-> "ssha256.sig1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
-mapping clause assembly = SSHA256_SUM0 (rs1,rd) <-> "ssha256.sum0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
-mapping clause assembly = SSHA256_SUM1 (rs1,rd) <-> "ssha256.sum1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly = SHA256_SIG0 (rs1,rd) <-> "sha256sig0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly = SHA256_SIG1 (rs1,rd) <-> "sha256sig1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly = SHA256_SUM0 (rs1,rd) <-> "sha256sum0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly = SHA256_SUM1 (rs1,rd) <-> "sha256sum1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
 
-val      crypto_ssha256 : (ssha256_op, regidx, regidx) -> Retired effect {escape,rreg,wreg}
+val      crypto_sha256 : (sha256_op, regidx, regidx) -> Retired effect {escape,rreg,wreg}
 /* --- specification snippet begin --- */
-function crypto_ssha256   (op        , rd    , rs1   ) =  {
+function crypto_sha256   (op        , rd    , rs1   ) =  {
   let inb    : bits(32) = X(rs1)[31..0];
   let result : bits(32) = match op {
-    SHA256_SIG0 => ror32(inb ,07) ^ ror32(inb ,18) ^ (inb >>  3),
-    SHA256_SIG1 => ror32(inb ,17) ^ ror32(inb ,19) ^ (inb >> 10),
-    SHA256_SUM0 => ror32(inb , 2) ^ ror32(inb, 13) ^ ror32(inb,22),
-    SHA256_SUM1 => ror32(inb , 6) ^ ror32(inb, 11) ^ ror32(inb,27)
+    OP_SHA256_SIG0 => ror32(inb ,07) ^ ror32(inb ,18) ^ (inb >>  3),
+    OP_SHA256_SIG1 => ror32(inb ,17) ^ ror32(inb ,19) ^ (inb >> 10),
+    OP_SHA256_SUM0 => ror32(inb , 2) ^ ror32(inb, 13) ^ ror32(inb,22),
+    OP_SHA256_SUM1 => ror32(inb , 6) ^ ror32(inb, 11) ^ ror32(inb,27)
   };
   X(rd) = EXTZ(result);
   RETIRE_SUCCESS
@@ -57,20 +57,20 @@ function crypto_ssha256   (op        , rd    , rs1   ) =  {
 /* --- specification snippet end --- */
 
 /* Execution clauses for the SHA256 instructions. */
-function clause execute (SSHA256_SIG0 (rs1,rd)) = {
-    crypto_ssha256(SHA256_SIG0, rd, rs1);
+function clause execute (SHA256_SIG0 (rs1,rd)) = {
+    crypto_sha256(OP_SHA256_SIG0, rd, rs1);
 }
 
-function clause execute (SSHA256_SIG1 (rs1,rd)) = {
-    crypto_ssha256(SHA256_SIG1, rd, rs1);
+function clause execute (SHA256_SIG1 (rs1,rd)) = {
+    crypto_sha256(OP_SHA256_SIG1, rd, rs1);
 }
 
-function clause execute (SSHA256_SUM0 (rs1,rd)) = {
-    crypto_ssha256(SHA256_SUM0, rd, rs1);
+function clause execute (SHA256_SUM0 (rs1,rd)) = {
+    crypto_sha256(OP_SHA256_SUM0, rd, rs1);
 }
 
-function clause execute (SSHA256_SUM1 (rs1,rd)) = {
-    crypto_ssha256(SHA256_SUM1, rd, rs1);
+function clause execute (SHA256_SUM1 (rs1,rd)) = {
+    crypto_sha256(OP_SHA256_SUM1, rd, rs1);
 }
 
 /*
@@ -79,29 +79,29 @@ function clause execute (SSHA256_SUM1 (rs1,rd)) = {
  */
 
 
-/* AST Types for SSM3.p0/1 */
-union   clause ast      =  SSM3_P0 : (regidx,regidx)
-union   clause ast      =  SSM3_P1 : (regidx,regidx)
+/* AST Types for SM3.p0/1 */
+union   clause ast      =  SM3_P0 : (regidx,regidx)
+union   clause ast      =  SM3_P1 : (regidx,regidx)
 
-/* Decode clause for ssm3.p0 */
-mapping clause encdec   =  SSM3_P0   (rs1,rd) <->
+/* Decode clause for sm3.p0 */
+mapping clause encdec   =  SM3_P0   (rs1,rd) <->
     0b000011101000 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-/* Decode clause for ssm3.p1 */
-mapping clause encdec   =  SSM3_P1   (rs1,rd) <->
+/* Decode clause for sm3.p1 */
+mapping clause encdec   =  SM3_P1   (rs1,rd) <->
     0b000011101001 @ rs1 @ 0b111 @ rd @ 0b0101011
 
 
-/* Asssembly code mapping for ssm3.p0 */
-mapping clause assembly =  SSM3_P0 (rs1,rd) <->
-    "ssm3.p0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+/* Asssembly code mapping for sm3.p0 */
+mapping clause assembly =  SM3_P0 (rs1,rd) <->
+    "sm3.p0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
 
-/* Asssembly code mapping for ssm3.p1 */
-mapping clause assembly =  SSM3_P1 (rs1,rd) <->
-    "ssm3.p1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+/* Asssembly code mapping for sm3.p1 */
+mapping clause assembly =  SM3_P1 (rs1,rd) <->
+    "sm3.p1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
 
 
-val      crypto_sm3 : (ssm3_op, regidx, regidx) -> Retired effect {escape,rreg,wreg}
+val      crypto_sm3 : (sm3_op, regidx, regidx) -> Retired effect {escape,rreg,wreg}
 /* --- specification snippet begin --- */
 function crypto_sm3   (op     , rd    , rs1   ) =  {
   let r1    : bits(32) = X(rs1)[31..0];
@@ -115,13 +115,13 @@ function crypto_sm3   (op     , rd    , rs1   ) =  {
 /* --- specification snippet end --- */
 
 
-/* Execute clause for ssm3.p0 */
-function clause execute ( SSM3_P0 (rs1,rd)) = {
+/* Execute clause for sm3.p0 */
+function clause execute ( SM3_P0 (rs1,rd)) = {
   crypto_sm3(P0, rd, rs1);
 }
 
-/* Execute clause for ssm3.p1 */
-function clause execute ( SSM3_P1 (rs1,rd)) = {
+/* Execute clause for sm3.p1 */
+function clause execute ( SM3_P1 (rs1,rd)) = {
   crypto_sm3(P1, rd, rs1);
 }
 
@@ -133,35 +133,35 @@ function clause execute ( SSM3_P1 (rs1,rd)) = {
 
 
 /* AST clauses for the SM4 instructions. */
-union   clause ast      = SSM4_ED : (bits(2),regidx,regidx,regidx)
-union   clause ast      = SSM4_KS : (bits(2),regidx,regidx,regidx)
+union   clause ast      = SM4_ED : (bits(2),regidx,regidx,regidx)
+union   clause ast      = SM4_KS : (bits(2),regidx,regidx,regidx)
 
 
 /* Encode / decode mappings for the SM4 instructions. */
-mapping clause encdec   = SSM4_ED   (bs,rs2,rs1,rd) <->
+mapping clause encdec   = SM4_ED   (bs,rs2,rs1,rd) <->
     bs @ 0b00100 @ rs2 @ rs1 @ 0b011 @ rd @ 0b0101011
 
-mapping clause encdec   = SSM4_KS   (bs,rs2,rs1,rd) <->
+mapping clause encdec   = SM4_KS   (bs,rs2,rs1,rd) <->
     bs @ 0b00101 @ rs2 @ rs1 @ 0b011 @ rd @ 0b0101011
 
 
 /* Assembly string mappings for the SM4 instructions. */
-mapping clause assembly = SSM4_ED (bs,rs2,rs1,rd) <->
-    "ssm4.ed"     ^ spc() ^ 
+mapping clause assembly = SM4_ED (bs,rs2,rs1,rd) <->
+    "sm4.ed"     ^ spc() ^ 
     reg_name(rd)  ^ sep() ^
     reg_name(rs1) ^ sep() ^
     reg_name(rs2) ^ sep() ^ hex_bits_2(bs)
 
-mapping clause assembly = SSM4_KS (bs,rs2,rs1,rd) <->
-    "ssm4.ks"     ^ spc() ^
+mapping clause assembly = SM4_KS (bs,rs2,rs1,rd) <->
+    "sm4.ks"     ^ spc() ^
     reg_name(rd)  ^ sep() ^
     reg_name(rs1) ^ sep() ^
     reg_name(rs2) ^ sep() ^ hex_bits_2(bs)
 
 
-/* Execute clause for the ssm4 instructions. */
+/* Execute clause for the sm4 instructions. */
 /* --- specification snippet begin --- */
-function clause execute (SSM4_ED (bs,rs2,rs1,rd)) = {
+function clause execute (SM4_ED (bs,rs2,rs1,rd)) = {
   let shamt : bits(6)  = (0b0 @ bs @ 0b000); /* shamt = bs*8 */
   let sb_in : bits(8)  = (X(rs2) >> shamt)[7..0];
   let x     : bits(32) = 0x000000 @ sm4_sbox(sb_in);
@@ -174,7 +174,7 @@ function clause execute (SSM4_ED (bs,rs2,rs1,rd)) = {
   RETIRE_SUCCESS
 }
 
-function clause execute (SSM4_KS (bs,rs2,rs1,rd)) = {
+function clause execute (SM4_KS (bs,rs2,rs1,rd)) = {
   let shamt : bits(6)  = (0b0 @ bs @ 0b000); /* shamt = bs*8 */
   let sb_in : bits(8)  = (X(rs2) >> shamt)[7..0];
   let x     : bits(32) = 0x000000 @ sm4_sbox(sb_in);
@@ -189,23 +189,23 @@ function clause execute (SSM4_KS (bs,rs2,rs1,rd)) = {
 
 
 /*
- * Scalar Cryptography Extension - Scalar        pollentropy instruciton.
+ * Scalar Cryptography Extension - Scalar        pollentropyi instruciton.
  * ----------------------------------------------------------------------
  */
 
-/* AST type for pollentropy instruction */
-union   clause ast      = POLLENTROPY : (bits(5),regidx)
+/* AST type for pollentropyi instruction */
+union   clause ast      = POLLENTROPYI : (bits(5),regidx)
 
-/* Encode / decode mapping for pollentropy */
-mapping clause encdec   = POLLENTROPY (shamtw,rd) <->
+/* Encode / decode mapping for pollentropyi */
+mapping clause encdec   = POLLENTROPYI (shamtw,rd) <->
     0b0001111 @ shamtw @ 0b01010111 @ rd @ 0b0101011
 
-/* Assembly string mapping for pollentropy */
-mapping clause assembly = POLLENTROPY (shamtw,rd) <-> 
-    "pollentropy" ^ spc() ^ reg_name(rd) ^ sep() ^ hex_bits_5(shamtw)
+/* Assembly string mapping for pollentropyi */
+mapping clause assembly = POLLENTROPYI (shamtw,rd) <-> 
+    "pollentropyi" ^ spc() ^ reg_name(rd) ^ sep() ^ hex_bits_5(shamtw)
 
-/* Execute clause for pollentropy */
-function clause execute (    POLLENTROPY (shamtw,rd)) = {
+/* Execute clause for pollentropyi */
+function clause execute (    POLLENTROPYI (shamtw,rd)) = {
     /* TBD, implemented as nop.*/
     RETIRE_SUCCESS
 }
diff --git a/sail/riscv_insts_crypto_rv32.sail b/sail/riscv_insts_crypto_rv32.sail
index a9745623..fbef560e 100644
--- a/sail/riscv_insts_crypto_rv32.sail
+++ b/sail/riscv_insts_crypto_rv32.sail
@@ -15,7 +15,7 @@
  */
 
 /* Map between f5 encoding field and scalar round function instrucitons. */
-mapping encdec_saes32_op : saes_op <-> bits(5) = {
+mapping encdec_aes32_op : aes_op <-> bits(5) = {
     ENCSM   <-> 0b00000,
     ENCS    <-> 0b00001,
     DECSM   <-> 0b00010,
@@ -23,37 +23,37 @@ mapping encdec_saes32_op : saes_op <-> bits(5) = {
 }
 
 /* Map 32-bit operations to assembly mnemonics - for disassemly */
-mapping saes32_op_to_mnemonic : saes_op <-> string = {
-    ENCSM <-> "saes32.encsm"  ,
-    ENCS  <-> "saes32.encs"   ,
-    DECSM <-> "saes32.decsm"  ,
-    DECS  <-> "saes32.decs"
+mapping aes32_op_to_mnemonic : aes_op <-> string = {
+    ENCSM <-> "aes32esm"  ,
+    ENCS  <-> "aes32es"   ,
+    DECSM <-> "aes32dsm"  ,
+    DECS  <-> "aes32ds"
 }
 
 /* Map byte shift amounts to strings - for disassemly */
-val     saes32_bs_to_str   : saes_bs <-> string
-mapping saes32_bs_to_str   : saes_bs <-> string = {
+val     aes32_bs_to_str   : aes_bs <-> string
+mapping aes32_bs_to_str   : aes_bs <-> string = {
     0b00 <-> "0",
     0b01 <-> "1",
     0b10 <-> "2",
     0b11 <-> "3"
 }
 
-union    clause ast      = SAES32 : (saes_bs, regidx, regidx, regidx, saes_op)
+union    clause ast      = AES32 : (aes_bs, regidx, regidx, regidx, aes_op)
 
 
 /* Encrypt/Decrypt mapping for 32-bit scalar AES instructions. */
-mapping  clause encdec   = SAES32   (saes_bs, rs2   , rs1   , rd    , op     )
-    <-> saes_bs @ encdec_saes32_op(op) @ rs2 @ rs1 @ 0b010 @ rd @ 0b0101011
+mapping  clause encdec   = AES32   (aes_bs, rs2   , rs1   , rd    , op     )
+    <-> aes_bs @ encdec_aes32_op(op) @ rs2 @ rs1 @ 0b010 @ rd @ 0b0101011
 
 
-/* Map between an AST representation of SAES32 and a disassembly string. */
-mapping  clause assembly = SAES32   (     bs, rs2   , rs1   , rd    , op     )
-<-> saes32_op_to_mnemonic(op)   ^   spc()   ^
+/* Map between an AST representation of AES32 and a disassembly string. */
+mapping  clause assembly = AES32   (     bs, rs2   , rs1   , rd    , op     )
+<-> aes32_op_to_mnemonic(op)   ^   spc()   ^
     reg_name(rd)                ^   sep()   ^
     reg_name(rs1)               ^   sep()   ^
     reg_name(rs2)               ^   sep()   ^
-    saes32_bs_to_str(bs)
+    aes32_bs_to_str(bs)
 
 
 /* Execute the scalar 32-bit AES instructions.
@@ -64,16 +64,16 @@ mapping  clause assembly = SAES32   (     bs, rs2   , rs1   , rd    , op     )
  * - bs : 2-bit byte shift.
  */ 
 /* --- specification snippet begin --- */
-function clause execute   (SAES32 (bs, rs2, rs1, rd, op))={
+function clause execute   (AES32 (bs, rs2, rs1, rd, op))={
   let rs1_val : xlenbits = X(rs1);
   let rs2_val : xlenbits = X(rs2);
   let shamt   : bits(6)  = (0b0 @ bs @ 0b000); /* shamt = bs*8 */
   let si      : bits(8)  = (rs2_val >> shamt)[7..0]; /* SBox Input */
-  let so      : bits(8)  = if (saes_op_fwd(op)) then aes_sbox_fwd(si)
+  let so      : bits(8)  = if (aes_op_fwd(op)) then aes_sbox_fwd(si)
                                                 else aes_sbox_inv(si);
   let mixed   : xlenbits =
-    if(saes_op_does_mix(op)) then
-      if(saes_op_fwd(op)) then aes_mixcolumn_byte_fwd(so)
+    if(aes_op_does_mix(op)) then
+      if(aes_op_fwd(op)) then aes_mixcolumn_byte_fwd(so)
                           else aes_mixcolumn_byte_inv(so)
     else
         0x000000 @ so;
@@ -91,65 +91,65 @@ function clause execute   (SAES32 (bs, rs2, rs1, rd, op))={
 
 
 /* AST clauses for the RV32 SHA512 instructions. */
-union   clause ast    = SSHA512_SIG0L : (regidx,regidx,regidx)
-union   clause ast    = SSHA512_SIG0H : (regidx,regidx,regidx)
-union   clause ast    = SSHA512_SIG1L : (regidx,regidx,regidx)
-union   clause ast    = SSHA512_SIG1H : (regidx,regidx,regidx)
-union   clause ast    = SSHA512_SUM0R : (regidx,regidx,regidx)
-union   clause ast    = SSHA512_SUM1R : (regidx,regidx,regidx)
+union   clause ast    = SHA512_SIG0L : (regidx,regidx,regidx)
+union   clause ast    = SHA512_SIG0H : (regidx,regidx,regidx)
+union   clause ast    = SHA512_SIG1L : (regidx,regidx,regidx)
+union   clause ast    = SHA512_SIG1H : (regidx,regidx,regidx)
+union   clause ast    = SHA512_SUM0R : (regidx,regidx,regidx)
+union   clause ast    = SHA512_SUM1R : (regidx,regidx,regidx)
 
 /* Encode / decode mappings for the RV32 SHA512 instructions. */
-mapping clause encdec = SSHA512_SIG0L (rs2,rs1,rd) <->
+mapping clause encdec = SHA512_SIG0L (rs2,rs1,rd) <->
     0b0001000 @ rs2 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause encdec = SSHA512_SIG0H (rs2,rs1,rd) <->
+mapping clause encdec = SHA512_SIG0H (rs2,rs1,rd) <->
     0b0001001 @ rs2 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause encdec = SSHA512_SIG1L (rs2,rs1,rd) <->
+mapping clause encdec = SHA512_SIG1L (rs2,rs1,rd) <->
     0b0001010 @ rs2 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause encdec = SSHA512_SIG1H (rs2,rs1,rd) <->
+mapping clause encdec = SHA512_SIG1H (rs2,rs1,rd) <->
     0b0001011 @ rs2 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause encdec = SSHA512_SUM0R (rs2,rs1,rd) <->
+mapping clause encdec = SHA512_SUM0R (rs2,rs1,rd) <->
     0b0001100 @ rs2 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause encdec = SSHA512_SUM1R (rs2,rs1,rd) <->
+mapping clause encdec = SHA512_SUM1R (rs2,rs1,rd) <->
     0b0001101 @ rs2 @ rs1 @ 0b111 @ rd @ 0b0101011
 
 
 /* Assembly string mappings for the RV32 SHA512 instructions. */
-mapping clause assembly = SSHA512_SIG0L (rs2,rs1,rd) <->
-    "ssha512.sig0l" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly = SHA512_SIG0L (rs2,rs1,rd) <->
+    "sha512sig0l" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly = SSHA512_SIG0H (rs2,rs1,rd) <->
-    "ssha512.sig0h" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly = SHA512_SIG0H (rs2,rs1,rd) <->
+    "sha512sig0h" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly = SSHA512_SIG1L (rs2,rs1,rd) <->
-    "ssha512.sig1l" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly = SHA512_SIG1L (rs2,rs1,rd) <->
+    "sha512sig1l" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly = SSHA512_SIG1H (rs2,rs1,rd) <->
-    "ssha512.sig1h" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly = SHA512_SIG1H (rs2,rs1,rd) <->
+    "sha512sig1h" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly = SSHA512_SUM0R (rs2,rs1,rd) <->
-    "ssha512.sum0r" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly = SHA512_SUM0R (rs2,rs1,rd) <->
+    "sha512sum0r" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly = SSHA512_SUM1R (rs2,rs1,rd) <->
-    "ssha512.sum1r" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly = SHA512_SUM1R (rs2,rs1,rd) <->
+    "sha512sum1r" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
 
-val      crypto_ssha512_rv32 :(ssha512_rv32_op, regidx, regidx, regidx) -> Retired effect {escape, rreg, wreg}
+val      crypto_sha512_rv32 :(sha512_rv32_op, regidx, regidx, regidx) -> Retired effect {escape, rreg, wreg}
 /* --- specification snippet begin --- */
-function crypto_ssha512_rv32  (op             , rd    , rs1   , rs2   ) = {
+function crypto_sha512_rv32  (op             , rd    , rs1   , rs2   ) = {
   let r1     : bits(32) = X(rs1)[31..0];
   let r2     : bits(32) = X(rs2)[31..0];
   let result : bits(32) = match op {
-    SHA512_SIG0L => (r1>> 1) ^ (r1>> 7) ^ (r1>> 8) ^ (r2<<31) ^(r2<<25) ^(r2<<24),
-    SHA512_SIG0H => (r1>> 1) ^ (r1>> 7) ^ (r1>> 8) ^ (r2<<31)           ^(r2<<24),
-    SHA512_SIG1L => (r1>> 3) ^ (r1>> 6) ^ (r1>>19) ^ (r2<<29) ^(r2<<26) ^(r2<<13),
-    SHA512_SIG1H => (r1>> 3) ^ (r1>> 6) ^ (r1>>19) ^ (r2<<29)           ^(r2<<13),
-    SHA512_SUM0R => (r1<<25) ^ (r1<<30) ^ (r1>>28) ^ (r2<< 7) ^(r2<< 2) ^(r2<<24),
-    SHA512_SUM1R => (r1<<23) ^ (r1<<14) ^ (r1>>18) ^ (r2<< 9) ^(r2<<18) ^(r2<<14)
+    OP_SHA512_SIG0L => (r1>> 1)^(r1>> 7)^(r1>> 8)^(r2<<31)^(r2<<25)^(r2<<24),
+    OP_SHA512_SIG0H => (r1>> 1)^(r1>> 7)^(r1>> 8)^(r2<<31)         ^(r2<<24),
+    OP_SHA512_SIG1L => (r1>> 3)^(r1>> 6)^(r1>>19)^(r2<<29)^(r2<<26)^(r2<<13),
+    OP_SHA512_SIG1H => (r1>> 3)^(r1>> 6)^(r1>>19)^(r2<<29)         ^(r2<<13),
+    OP_SHA512_SUM0R => (r1<<25)^(r1<<30)^(r1>>28)^(r2<< 7)^(r2<< 2)^(r2<<24),
+    OP_SHA512_SUM1R => (r1<<23)^(r1<<14)^(r1>>18)^(r2<< 9)^(r2<<18)^(r2<<14)
   };
   X(rd) = EXTZ(result);
   RETIRE_SUCCESS
@@ -161,28 +161,28 @@ function crypto_ssha512_rv32  (op             , rd    , rs1   , rs2   ) = {
  * Execute clauses for the 32-bit SHA512 instructions.
  */
 
-function clause execute (  SSHA512_SIG0L (rs2,rs1,rd)) = {
-  crypto_ssha512_rv32(SHA512_SIG0L, rd, rs1, rs2);
+function clause execute (  SHA512_SIG0L (rs2,rs1,rd)) = {
+  crypto_sha512_rv32(OP_SHA512_SIG0L, rd, rs1, rs2);
 }
 
-function clause execute (  SSHA512_SIG0H (rs2,rs1,rd)) = {
-  crypto_ssha512_rv32(SHA512_SIG0H, rd, rs1, rs2);
+function clause execute (  SHA512_SIG0H (rs2,rs1,rd)) = {
+  crypto_sha512_rv32(OP_SHA512_SIG0H, rd, rs1, rs2);
 }
 
-function clause execute (  SSHA512_SIG1L (rs2,rs1,rd)) = {
-  crypto_ssha512_rv32(SHA512_SIG1L, rd, rs1, rs2);
+function clause execute (  SHA512_SIG1L (rs2,rs1,rd)) = {
+  crypto_sha512_rv32(OP_SHA512_SIG1L, rd, rs1, rs2);
 }
 
-function clause execute (  SSHA512_SIG1H (rs2,rs1,rd)) = {
-  crypto_ssha512_rv32(SHA512_SIG1H, rd, rs1, rs2);
+function clause execute (  SHA512_SIG1H (rs2,rs1,rd)) = {
+  crypto_sha512_rv32(OP_SHA512_SIG1H, rd, rs1, rs2);
 }
 
-function clause execute (  SSHA512_SUM0R (rs2,rs1,rd)) = {
-  crypto_ssha512_rv32(SHA512_SUM0R, rd, rs1, rs2);
+function clause execute (  SHA512_SUM0R (rs2,rs1,rd)) = {
+  crypto_sha512_rv32(OP_SHA512_SUM0R, rd, rs1, rs2);
 }
 
-function clause execute (  SSHA512_SUM1R (rs2,rs1,rd)) = {
-  crypto_ssha512_rv32(SHA512_SUM1R, rd, rs1, rs2);
+function clause execute (  SHA512_SUM1R (rs2,rs1,rd)) = {
+  crypto_sha512_rv32(OP_SHA512_SUM1R, rd, rs1, rs2);
 }
 
 
diff --git a/sail/riscv_insts_crypto_rv64.sail b/sail/riscv_insts_crypto_rv64.sail
index d2368633..73c8ac3c 100644
--- a/sail/riscv_insts_crypto_rv64.sail
+++ b/sail/riscv_insts_crypto_rv64.sail
@@ -14,62 +14,62 @@
  * ----------------------------------------------------------------------
  */
 
-union   clause ast    =   SAES64_KS1 : (bits(4),regidx,regidx)
-union   clause ast    =   SAES64_KS2 : (regidx,regidx,regidx)
-union   clause ast    =  SAES64_IMIX : (regidx,regidx)
-union   clause ast    = SAES64_ENCSM : (regidx,regidx,regidx)
-union   clause ast    =  SAES64_ENCS : (regidx,regidx,regidx)
-union   clause ast    = SAES64_DECSM : (regidx,regidx,regidx)
-union   clause ast    =  SAES64_DECS : (regidx,regidx,regidx)
+union   clause ast    =AES64_KS1I : (bits(4),regidx,regidx)
+union   clause ast    = AES64_KS2 : (regidx,regidx,regidx)
+union   clause ast    =  AES64_IM : (regidx,regidx)
+union   clause ast    = AES64_ESM : (regidx,regidx,regidx)
+union   clause ast    =  AES64_ES : (regidx,regidx,regidx)
+union   clause ast    = AES64_DSM : (regidx,regidx,regidx)
+union   clause ast    =  AES64_DS : (regidx,regidx,regidx)
 
 
-mapping clause encdec =   SAES64_KS1 (rcon,rs1,rd) <->
+mapping clause encdec =   AES64_KS1I (rcon,rs1,rd) <->
     0b00001000 @ rcon @ rs1 @ 0b010 @ rd @ 0b0101011
 
-mapping clause encdec =   SAES64_KS2 (rs2,rs1,rd) <->
+mapping clause encdec =   AES64_KS2 (rs2,rs1,rd) <->
     0b0000101 @ rs2 @ rs1 @ 0b010 @ rd @ 0b0101011
 
-mapping clause encdec =  SAES64_IMIX (rs1,rd) <-> 
+mapping clause encdec =  AES64_IM (rs1,rd) <-> 
     0b000011000001 @ rs1 @ 0b010 @ rd @ 0b0101011
 
-mapping clause encdec = SAES64_ENCSM (rs2,rs1,rd) <->
+mapping clause encdec = AES64_ESM (rs2,rs1,rd) <->
     0b0000111 @ rs2 @ rs1 @ 0b010 @ rd @ 0b0101011
 
-mapping clause encdec =  SAES64_ENCS (rs2,rs1,rd) <->
+mapping clause encdec =  AES64_ES (rs2,rs1,rd) <->
     0b0001000 @ rs2 @ rs1 @ 0b010 @ rd @ 0b0101011
 
-mapping clause encdec = SAES64_DECSM (rs2,rs1,rd) <->
+mapping clause encdec = AES64_DSM (rs2,rs1,rd) <->
     0b0001001 @ rs2 @ rs1 @ 0b010 @ rd @ 0b0101011
 
-mapping clause encdec =  SAES64_DECS (rs2,rs1,rd) <->
+mapping clause encdec =  AES64_DS (rs2,rs1,rd) <->
     0b0001010 @ rs2 @ rs1 @ 0b010 @ rd @ 0b0101011
 
 
-mapping clause assembly =   SAES64_KS1 (rcon,rs1,rd) <->
-    "saes64.ks1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ hex_bits_4(rcon)
+mapping clause assembly =   AES64_KS1I (rcon,rs1,rd) <->
+    "aes64ks1i" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ hex_bits_4(rcon)
 
-mapping clause assembly =   SAES64_KS2 (rs2,rs1,rd) <->
-    "saes64.ks2" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly =   AES64_KS2 (rs2,rs1,rd) <->
+    "aes64ks2" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly =  SAES64_IMIX (rs1,rd) <->
-    "saes64.imix" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly =  AES64_IM (rs1,rd) <->
+    "aes64im" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
 
-mapping clause assembly = SAES64_ENCSM (rs2,rs1,rd) <->
-    "saes64.encsm" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly = AES64_ESM (rs2,rs1,rd) <->
+    "aes64esm" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly =  SAES64_ENCS (rs2,rs1,rd) <->
-    "saes64.encs" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly =  AES64_ES (rs2,rs1,rd) <->
+    "aes64es" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly = SAES64_DECSM (rs2,rs1,rd) <->
-    "saes64.decsm" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly = AES64_DSM (rs2,rs1,rd) <->
+    "aes64dsm" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
-mapping clause assembly =  SAES64_DECS (rs2,rs1,rd) <->
-    "saes64.decs" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
+mapping clause assembly =  AES64_DS (rs2,rs1,rd) <->
+    "aes64ds" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1) ^ sep() ^ reg_name(rs2)
 
 
-val      crypto_saes64 : (regidx, regidx, regidx, bool, bool) -> Retired effect {escape, rreg, wreg}
+val      crypto_aes64 : (regidx, regidx, regidx, bool, bool) -> Retired effect {escape, rreg, wreg}
 /* --- specification snippet begin --- */
-function crypto_saes64   (rd    , rs1   , rs2   , enc , mix )  = {
+function crypto_aes64   (rd    , rs1   , rs2   , enc , mix )  = {
   let sr : bits(128) = match enc {
     true  => aes_shift_rows_fwd(X(rs2)[63..0] @ X(rs1)[63..0]), /* Encrypt */
     false => aes_shift_rows_inv(X(rs2)[63..0] @ X(rs1)[63..0])  /* Decrypt */
@@ -87,7 +87,7 @@ function crypto_saes64   (rd    , rs1   , rs2   , enc , mix )  = {
   RETIRE_SUCCESS
 }
 
-function clause execute (SAES64_KS1 (rcon,rs1,rd)) = {
+function clause execute (AES64_KS1I (rcon,rs1,rd)) = {
     let tmp1  : bits(32) = X(rs1)[63..32];
     let rc    : bits(32) = aes_decode_rcon(rcon);
     let tmp2  : bits(32) = if rcon==0xA then tmp1 else ror32(tmp1, 8);
@@ -97,33 +97,33 @@ function clause execute (SAES64_KS1 (rcon,rs1,rd)) = {
     X(rd)      = EXTZ(result); RETIRE_SUCCESS
 }
 
-function clause execute (SAES64_KS2 (rs2,rs1,rd)) = {
+function clause execute (AES64_KS2 (rs2,rs1,rd)) = {
     let w0 : bits(32) = X(rs1)[63..32] ^ X(rs2)[31..0];
     let w1 : bits(32) = X(rs1)[63..32] ^ X(rs2)[31..0] ^ X(rs2)[63..32];
     X(rd)  = w1 @ w0; RETIRE_SUCCESS
 }
 
-function clause execute (SAES64_IMIX (rs1,rd)) = {
+function clause execute (AES64_IM (rs1,rd)) = {
     let w0 : bits(32) = aes_mixcolumn_inv(X(rs1)[31.. 0]);
     let w1 : bits(32) = aes_mixcolumn_inv(X(rs1)[63..32]);
     X(rd)  = w1 @ w0; RETIRE_SUCCESS
 }
 /* --- specification snippet begin --- */
 
-function clause execute (SAES64_ENCSM (rs2,rs1,rd)) = {
-    crypto_saes64(rd, rs1, rs2, true, true);
+function clause execute (AES64_ESM (rs2,rs1,rd)) = {
+    crypto_aes64(rd, rs1, rs2, true, true);
 }
 
-function clause execute (SAES64_ENCS (rs2,rs1,rd)) = {
-    crypto_saes64(rd, rs1, rs2, true, false);
+function clause execute (AES64_ES (rs2,rs1,rd)) = {
+    crypto_aes64(rd, rs1, rs2, true, false);
 }
 
-function clause execute (SAES64_DECSM (rs2,rs1,rd)) = {
-    crypto_saes64(rd, rs1, rs2, false, true);
+function clause execute (AES64_DSM (rs2,rs1,rd)) = {
+    crypto_aes64(rd, rs1, rs2, false, true);
 }
 
-function clause execute (SAES64_DECS (rs2,rs1,rd)) = {
-    crypto_saes64(rd, rs1, rs2, false, false);
+function clause execute (AES64_DS (rs2,rs1,rd)) = {
+    crypto_aes64(rd, rs1, rs2, false, false);
 }
 
 /*
@@ -131,31 +131,31 @@ function clause execute (SAES64_DECS (rs2,rs1,rd)) = {
  * ----------------------------------------------------------------------
  */
 
-union   clause ast    =    SSHA512_SIG0 : (regidx,regidx)
-union   clause ast    =    SSHA512_SIG1 : (regidx,regidx)
-union   clause ast    =    SSHA512_SUM0 : (regidx,regidx)
-union   clause ast    =    SSHA512_SUM1 : (regidx,regidx)
+union   clause ast    =    SHA512_SIG0 : (regidx,regidx)
+union   clause ast    =    SHA512_SIG1 : (regidx,regidx)
+union   clause ast    =    SHA512_SUM0 : (regidx,regidx)
+union   clause ast    =    SHA512_SUM1 : (regidx,regidx)
 
-mapping clause encdec =    SSHA512_SIG0   (rs1,rd) <-> 0b000011100100 @ rs1 @ 0b111 @ rd @ 0b0101011
-mapping clause encdec =    SSHA512_SIG1   (rs1,rd) <-> 0b000011100101 @ rs1 @ 0b111 @ rd @ 0b0101011
-mapping clause encdec =    SSHA512_SUM0   (rs1,rd) <-> 0b000011100110 @ rs1 @ 0b111 @ rd @ 0b0101011
-mapping clause encdec =    SSHA512_SUM1   (rs1,rd) <-> 0b000011100111 @ rs1 @ 0b111 @ rd @ 0b0101011
+mapping clause encdec =    SHA512_SIG0   (rs1,rd) <-> 0b000011100100 @ rs1 @ 0b111 @ rd @ 0b0101011
+mapping clause encdec =    SHA512_SIG1   (rs1,rd) <-> 0b000011100101 @ rs1 @ 0b111 @ rd @ 0b0101011
+mapping clause encdec =    SHA512_SUM0   (rs1,rd) <-> 0b000011100110 @ rs1 @ 0b111 @ rd @ 0b0101011
+mapping clause encdec =    SHA512_SUM1   (rs1,rd) <-> 0b000011100111 @ rs1 @ 0b111 @ rd @ 0b0101011
 
-mapping clause assembly =    SSHA512_SIG0 (rs1,rd) <-> "ssha512.sig0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
-mapping clause assembly =    SSHA512_SIG1 (rs1,rd) <-> "ssha512.sig1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
-mapping clause assembly =    SSHA512_SUM0 (rs1,rd) <-> "ssha512.sum0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
-mapping clause assembly =    SSHA512_SUM1 (rs1,rd) <-> "ssha512.sum1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly =    SHA512_SIG0 (rs1,rd) <-> "sha512sig0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly =    SHA512_SIG1 (rs1,rd) <-> "sha512sig1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly =    SHA512_SUM0 (rs1,rd) <-> "sha512sum0" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
+mapping clause assembly =    SHA512_SUM1 (rs1,rd) <-> "sha512sum1" ^ spc() ^ reg_name(rd) ^ sep() ^ reg_name(rs1)
 
 
-val      crypto_ssha512_rv64 : (ssha512_rv64_op, regidx, regidx) -> Retired effect {escape, rreg, wreg}
+val      crypto_sha512_rv64 : (sha512_rv64_op, regidx, regidx) -> Retired effect {escape, rreg, wreg}
 /* --- specification snippet begin --- */
-function crypto_ssha512_rv64   (op             , rd    , rs1   ) =  {
+function crypto_sha512_rv64   (op             , rd    , rs1   ) =  {
   let inb    : bits(64) = X(rs1)[63..0];
   let result : bits(64) = match op {
-    SHA512_SIG0 => ror64(inb,  1) ^ ror64(inb,  8) ^ (inb >> 7),
-    SHA512_SIG1 => ror64(inb, 19) ^ ror64(inb, 61) ^ (inb >> 6),
-    SHA512_SUM0 => ror64(inb, 28) ^ ror64(inb, 34) ^ ror64(inb ,39),
-    SHA512_SUM1 => ror64(inb, 14) ^ ror64(inb, 18) ^ ror64(inb ,41)
+    OP_SHA512_SIG0 => ror64(inb,  1) ^ ror64(inb,  8) ^ (inb >> 7),
+    OP_SHA512_SIG1 => ror64(inb, 19) ^ ror64(inb, 61) ^ (inb >> 6),
+    OP_SHA512_SUM0 => ror64(inb, 28) ^ ror64(inb, 34) ^ ror64(inb ,39),
+    OP_SHA512_SUM1 => ror64(inb, 14) ^ ror64(inb, 18) ^ ror64(inb ,41)
   };
   X(rd) = EXTZ(result);
   RETIRE_SUCCESS
@@ -163,19 +163,19 @@ function crypto_ssha512_rv64   (op             , rd    , rs1   ) =  {
 /* --- specification snippet end --- */
 
 
-function clause execute (   SSHA512_SIG0 (rs1,rd)) = {
-    crypto_ssha512_rv64(SHA512_SIG0, rd, rs1);
+function clause execute (   SHA512_SIG0 (rs1,rd)) = {
+    crypto_sha512_rv64(OP_SHA512_SIG0, rd, rs1);
 }
 
-function clause execute (   SSHA512_SIG1 (rs1,rd)) = {
-    crypto_ssha512_rv64(SHA512_SIG1, rd, rs1);
+function clause execute (   SHA512_SIG1 (rs1,rd)) = {
+    crypto_sha512_rv64(OP_SHA512_SIG1, rd, rs1);
 }
 
-function clause execute (   SSHA512_SUM0 (rs1,rd)) = {
-    crypto_ssha512_rv64(SHA512_SUM0, rd, rs1);
+function clause execute (   SHA512_SUM0 (rs1,rd)) = {
+    crypto_sha512_rv64(OP_SHA512_SUM0, rd, rs1);
 }
 
-function clause execute (   SSHA512_SUM1 (rs1,rd)) = {
-    crypto_ssha512_rv64(SHA512_SUM1, rd, rs1);
+function clause execute (   SHA512_SUM1 (rs1,rd)) = {
+    crypto_sha512_rv64(OP_SHA512_SUM1, rd, rs1);
 }
 
diff --git a/sail/riscv_types_crypto.sail b/sail/riscv_types_crypto.sail
index a3523a86..95950758 100644
--- a/sail/riscv_types_crypto.sail
+++ b/sail/riscv_types_crypto.sail
@@ -192,35 +192,35 @@ enum            saes_op = {
 
 
 /* Scalar SHA256 instruction operations. Used for 32,64-bit versions. */
-enum            ssha256_op = {
-    SHA256_SIG0,
-    SHA256_SIG1,
-    SHA256_SUM0,
-    SHA256_SUM1
+enum            sha256_op = {
+    OP_SHA256_SIG0,
+    OP_SHA256_SIG1,
+    OP_SHA256_SUM0,
+    OP_SHA256_SUM1
 }
 
 /* Scalar SHA512 RV64 instruction operations */
-enum            ssha512_rv64_op = {
-    SHA512_SIG0,
-    SHA512_SIG1,
-    SHA512_SUM0,
-    SHA512_SUM1
+enum            sha512_rv64_op = {
+    OP_SHA512_SIG0,
+    OP_SHA512_SIG1,
+    OP_SHA512_SUM0,
+    OP_SHA512_SUM1
 }
 
 /* Scalar SHA512 RV32 instruction operations.*/
-enum            ssha512_rv32_op = {
-    SHA512_SIG0L, SHA512_SIG0H,
-    SHA512_SIG1L, SHA512_SIG1H,
-    SHA512_SUM0R, SHA512_SUM1R
+enum            sha512_rv32_op = {
+    OP_SHA512_SIG0L, OP_SHA512_SIG0H,
+    OP_SHA512_SIG1L, OP_SHA512_SIG1H,
+    OP_SHA512_SUM0R, OP_SHA512_SUM1R
 }
 
 /* Scalar SM3 instruction operations. Used for 32,64-bit versions. */
-enum            ssm3_op = {
+enum            sm3_op = {
     P0, P1
 }
 
 /* Scalar SM4 instruction operations. Used for 32,64-bit versions. */
-enum            ssm4_op = {
+enum            sm4_op = {
     KS, ED
 }
 
diff --git a/tools/opcodes-crypto-scalar b/tools/opcodes-crypto-scalar
index 4253109f..a1dd951f 100644
--- a/tools/opcodes-crypto-scalar
+++ b/tools/opcodes-crypto-scalar
@@ -15,48 +15,48 @@
 # ------------------------------------------------------------
 
 # Scalar SM4 - RV32, RV64
-ssm4.ed         rd rs1 rs2 bs    29..25=4            14..12=3 6..0=0x2B
-ssm4.ks         rd rs1 rs2 bs    29..25=5            14..12=3 6..0=0x2B
+sm4ed         rd rs1 rs2 bs    29..25=4            14..12=3 6..0=0x2B
+sm4ks         rd rs1 rs2 bs    29..25=5            14..12=3 6..0=0x2B
 
 # Scalar AES - RV32
-saes32.encsm    rd rs1 rs2 bs    29..25=0            14..12=2 6..0=0x2B
-saes32.encs     rd rs1 rs2 bs    29..25=1            14..12=2 6..0=0x2B
-saes32.decsm    rd rs1 rs2 bs    29..25=2            14..12=2 6..0=0x2B
-saes32.decs     rd rs1 rs2 bs    29..25=3            14..12=2 6..0=0x2B
+aes32esmi     rd rs1 rs2 bs    29..25=0            14..12=2 6..0=0x2B
+aes32esi      rd rs1 rs2 bs    29..25=1            14..12=2 6..0=0x2B
+aes32dsmi     rd rs1 rs2 bs    29..25=2            14..12=2 6..0=0x2B
+aes32dsi      rd rs1 rs2 bs    29..25=3            14..12=2 6..0=0x2B
 
 # Scalar AES - RV64
-saes64.ks1      rd rs1 rcon      31..25=4  24=0      14..12=2 6..0=0x2B
-saes64.ks2      rd rs1 rs2       31..25=5            14..12=2 6..0=0x2B
-saes64.imix     rd rs1           31..25=6  24..20=1  14..12=2 6..0=0x2B
-saes64.encsm    rd rs1 rs2       31..25=7            14..12=2 6..0=0x2B
-saes64.encs     rd rs1 rs2       31..25=8            14..12=2 6..0=0x2B
-saes64.decsm    rd rs1 rs2       31..25=9            14..12=2 6..0=0x2B
-saes64.decs     rd rs1 rs2       31..25=10           14..12=2 6..0=0x2B
+aes64ks1i     rd rs1 rcon      31..25=4  24=0      14..12=2 6..0=0x2B
+aes64ks2      rd rs1 rs2       31..25=5            14..12=2 6..0=0x2B
+aes64im       rd rs1           31..25=6  24..20=1  14..12=2 6..0=0x2B
+aes64esm      rd rs1 rs2       31..25=7            14..12=2 6..0=0x2B
+aes64es       rd rs1 rs2       31..25=8            14..12=2 6..0=0x2B
+aes64dsm      rd rs1 rs2       31..25=9            14..12=2 6..0=0x2B
+aes64ds       rd rs1 rs2       31..25=10           14..12=2 6..0=0x2B
 
 # Scalar SHA256 - RV32/RV64
-ssha256.sig0    rd rs1           31..25=7  24..20=0  14..12=7  6..0=0x2B
-ssha256.sig1    rd rs1           31..25=7  24..20=1  14..12=7  6..0=0x2B
-ssha256.sum0    rd rs1           31..25=7  24..20=2  14..12=7  6..0=0x2B
-ssha256.sum1    rd rs1           31..25=7  24..20=3  14..12=7  6..0=0x2B
+sha256sig0    rd rs1           31..25=7  24..20=0  14..12=7  6..0=0x2B
+sha256sig1    rd rs1           31..25=7  24..20=1  14..12=7  6..0=0x2B
+sha256sum0    rd rs1           31..25=7  24..20=2  14..12=7  6..0=0x2B
+sha256sum1    rd rs1           31..25=7  24..20=3  14..12=7  6..0=0x2B
 
 # Scalar SM3 - RV32, RV64
-ssm3.p0         rd rs1           31..25=7  24..20=8  14..12=7  6..0=0x2B
-ssm3.p1         rd rs1           31..25=7  24..20=9  14..12=7  6..0=0x2B
+sm3p0         rd rs1           31..25=7  24..20=8  14..12=7  6..0=0x2B
+sm3p1         rd rs1           31..25=7  24..20=9  14..12=7  6..0=0x2B
                                                      
 # Scalar SHA512 - RV32                                               
-ssha512.sig0l   rd rs1 rs2       31..25=8            14..12=7  6..0=0x2B
-ssha512.sig0h   rd rs1 rs2       31..25=9            14..12=7  6..0=0x2B
-ssha512.sig1l   rd rs1 rs2       31..25=10           14..12=7  6..0=0x2B
-ssha512.sig1h   rd rs1 rs2       31..25=11           14..12=7  6..0=0x2B
-ssha512.sum0r   rd rs1 rs2       31..25=12           14..12=7  6..0=0x2B
-ssha512.sum1r   rd rs1 rs2       31..25=13           14..12=7  6..0=0x2B
+sha512sig0l   rd rs1 rs2       31..25=8            14..12=7  6..0=0x2B
+sha512sig0h   rd rs1 rs2       31..25=9            14..12=7  6..0=0x2B
+sha512sig1l   rd rs1 rs2       31..25=10           14..12=7  6..0=0x2B
+sha512sig1h   rd rs1 rs2       31..25=11           14..12=7  6..0=0x2B
+sha512sum0r   rd rs1 rs2       31..25=12           14..12=7  6..0=0x2B
+sha512sum1r   rd rs1 rs2       31..25=13           14..12=7  6..0=0x2B
                                                      
 # Scalar SHA512 - RV64                                               
-ssha512.sig0    rd rs1           31..25=7  24..20=4  14..12=7  6..0=0x2B
-ssha512.sig1    rd rs1           31..25=7  24..20=5  14..12=7  6..0=0x2B
-ssha512.sum0    rd rs1           31..25=7  24..20=6  14..12=7  6..0=0x2B
-ssha512.sum1    rd rs1           31..25=7  24..20=7  14..12=7  6..0=0x2B
+sha512sig0    rd rs1           31..25=7  24..20=4  14..12=7  6..0=0x2B
+sha512sig1    rd rs1           31..25=7  24..20=5  14..12=7  6..0=0x2B
+sha512sum0    rd rs1           31..25=7  24..20=6  14..12=7  6..0=0x2B
+sha512sum1    rd rs1           31..25=7  24..20=7  14..12=7  6..0=0x2B
 
 # Poll Entropy Instruction
-pollentropy     rd shamtw        31..25=15 19..15=10 14..12=7  6..0=0x2B
+pollentropyi    rd shamtw        31..25=15 19..15=10 14..12=7  6..0=0x2B
 
diff --git a/tools/opcodes-crypto-vector b/tools/opcodes-crypto-vector
index e4df2718..97db3c28 100644
--- a/tools/opcodes-crypto-vector
+++ b/tools/opcodes-crypto-vector
@@ -23,12 +23,12 @@ vaese.vv       31..26=0x00 25=0  24..20=0x04 vs1      14..12=0b000 vt 6..0=0x5b
 vaeselast.vv   31..26=0x00 25=0  24..20=0x05 vs1      14..12=0b000 vt 6..0=0x5b
 vaesd.vv       31..26=0x00 25=0  24..20=0x06 vs1      14..12=0b000 vt 6..0=0x5b
 vaesdlast.vv   31..26=0x00 25=0  24..20=0x07 vs1      14..12=0b000 vt 6..0=0x5b
-vaes128keyi    31..26=0x00 25=0  24..20=0x08 19=0 rnd 14..12=0b000 vt 6..0=0x5b
-vaes128invkeyi 31..26=0x00 25=0  24..20=0x08 19=1 rnd 14..12=0b000 vt 6..0=0x5b
-vaes192keyi    31..26=0x01 25=0  vs2         19=0 rnd 14..12=0b000 vt 6..0=0x5b
-vaes192invkeyi 31..26=0x01 25=0  vs2         19=1 rnd 14..12=0b000 vt 6..0=0x5b
-vaes256keyi    31..26=0x01 25=1  vs2         19=0 rnd 14..12=0b000 vt 6..0=0x5b
-vaes256invkeyi 31..26=0x01 25=1  vs2         19=1 rnd 14..12=0b000 vt 6..0=0x5b
+vaes128keyi.vv    31..26=0x00 25=0  24..20=0x08 19=0 rnd 14..12=0b000 vt 6..0=0x5b
+vaes128invkeyi.vv 31..26=0x00 25=0  24..20=0x08 19=1 rnd 14..12=0b000 vt 6..0=0x5b
+vaes192keyi.vv    31..26=0x01 25=0  vs2         19=0 rnd 14..12=0b000 vt 6..0=0x5b
+vaes192invkeyi.vv 31..26=0x01 25=0  vs2         19=1 rnd 14..12=0b000 vt 6..0=0x5b
+vaes256keyi.vv    31..26=0x01 25=1  vs2         19=0 rnd 14..12=0b000 vt 6..0=0x5b
+vaes256invkeyi.vv 31..26=0x01 25=1  vs2         19=1 rnd 14..12=0b000 vt 6..0=0x5b
 
 vaese128.vs    31..26=0x02 25=0  24..20=0x00 vs1      14..12=0b000 vt 6..0=0x5b
 vaese192.vs    31..26=0x02 25=0  24..20=0x01 vs1      14..12=0b000 vt 6..0=0x5b
@@ -42,13 +42,13 @@ vaese256.vv    31..26=0x02 25=0  24..20=0x08 vs1      14..12=0b000 vt 6..0=0x5b
 vaesd128.vv    31..26=0x02 25=0  24..20=0x09 vs1      14..12=0b000 vt 6..0=0x5b
 vaesd192.vv    31..26=0x02 25=0  24..20=0x0A vs1      14..12=0b000 vt 6..0=0x5b
 vaesd256.vv    31..26=0x02 25=0  24..20=0x0B vs1      14..12=0b000 vt 6..0=0x5b
-vaes128rkey    31..26=0x02 25=0  24..20=0x0C 19..15=0 14..12=0b000 vt 6..0=0x5b
-vaes192rkey    31..26=0x02 25=0  24..20=0x0C 19..15=1 14..12=0b000 vt 6..0=0x5b
-vaes256rkey    31..26=0x02 25=0  24..20=0x0C 19..15=2 14..12=0b000 vt 6..0=0x5b
+vaes128rkey.vv 31..26=0x02 25=0  24..20=0x0C 19..15=0 14..12=0b000 vt 6..0=0x5b
+vaes192rkey.vv 31..26=0x02 25=0  24..20=0x0C 19..15=1 14..12=0b000 vt 6..0=0x5b
+vaes256rkey.vv 31..26=0x02 25=0  24..20=0x0C 19..15=2 14..12=0b000 vt 6..0=0x5b
 
-vsha2.ws       31..26=0x03 25=0  vs2         19=0 rnd 14..12=0b000 vt 6..0=0x5b
-vsha2.ms       31..26=0x03 25=1  24..20=0x00 vs1      14..12=0b000 vd 6..0=0x5b
-vsha2.hs       31..26=0x03 25=1  24..20=0x01 vs1      14..12=0b000 vt 6..0=0x5b
+vsha2wsi.vv    31..26=0x03 25=0  vs2         19=0 rnd 14..12=0b000 vt 6..0=0x5b
+vsha2ms.vv     31..26=0x03 25=1  24..20=0x00 vs1      14..12=0b000 vd 6..0=0x5b
+vsha2hs.vv     31..26=0x03 25=1  24..20=0x01 vs1      14..12=0b000 vt 6..0=0x5b
 
 vclmul.vv      31..26=0x10  vm   vs2         vs1      14..12=0b000 vd 6..0=0x5b
 vclmul.vs      31..26=0x11  vm   vs2         vs1      14..12=0b000 vd 6..0=0x5b
diff --git a/tools/patch-binutils.patch b/tools/patch-binutils.patch
index 3cd0a53e..8a369a68 100644
--- a/tools/patch-binutils.patch
+++ b/tools/patch-binutils.patch
@@ -49,7 +49,7 @@ index 9ecdcab0b6..1834f7c08b 100644
  	    case 'd':		/* Destination register.  */
  	    case 's':		/* Source register.  */
 diff --git a/include/opcode/riscv-opc.h b/include/opcode/riscv-opc.h
-index 6c750a33b1..2748204cf2 100644
+index 6c750a33b1..6ea5d43e7a 100644
 --- a/include/opcode/riscv-opc.h
 +++ b/include/opcode/riscv-opc.h
 @@ -343,6 +343,68 @@
@@ -57,66 +57,66 @@ index 6c750a33b1..2748204cf2 100644
  #define MATCH_GREVIW 0x6800501b
  #define MASK_GREVIW  0xfe00707f
 +// Crypto ISE - Begin
-+#define MATCH_SSM4_ED 0x800302b
-+#define MASK_SSM4_ED 0x3e00707f
-+#define MATCH_SSM4_KS 0xa00302b
-+#define MASK_SSM4_KS 0x3e00707f
-+#define MATCH_SAES32_ENCSM 0x202b
-+#define MASK_SAES32_ENCSM 0x3e00707f
-+#define MATCH_SAES32_ENCS 0x200202b
-+#define MASK_SAES32_ENCS 0x3e00707f
-+#define MATCH_SAES32_DECSM 0x400202b
-+#define MASK_SAES32_DECSM 0x3e00707f
-+#define MATCH_SAES32_DECS 0x600202b
-+#define MASK_SAES32_DECS 0x3e00707f
-+#define MATCH_SAES64_KS1 0x800202b
-+#define MASK_SAES64_KS1 0xff00707f
-+#define MATCH_SAES64_KS2 0xa00202b
-+#define MASK_SAES64_KS2 0xfe00707f
-+#define MATCH_SAES64_IMIX 0xc10202b
-+#define MASK_SAES64_IMIX 0xfff0707f
-+#define MATCH_SAES64_ENCSM 0xe00202b
-+#define MASK_SAES64_ENCSM 0xfe00707f
-+#define MATCH_SAES64_ENCS 0x1000202b
-+#define MASK_SAES64_ENCS 0xfe00707f
-+#define MATCH_SAES64_DECSM 0x1200202b
-+#define MASK_SAES64_DECSM 0xfe00707f
-+#define MATCH_SAES64_DECS 0x1400202b
-+#define MASK_SAES64_DECS 0xfe00707f
-+#define MATCH_SSHA256_SIG0 0xe00702b
-+#define MASK_SSHA256_SIG0 0xfff0707f
-+#define MATCH_SSHA256_SIG1 0xe10702b
-+#define MASK_SSHA256_SIG1 0xfff0707f
-+#define MATCH_SSHA256_SUM0 0xe20702b
-+#define MASK_SSHA256_SUM0 0xfff0707f
-+#define MATCH_SSHA256_SUM1 0xe30702b
-+#define MASK_SSHA256_SUM1 0xfff0707f
-+#define MATCH_SSM3_P0 0xe80702b
-+#define MASK_SSM3_P0 0xfff0707f
-+#define MATCH_SSM3_P1 0xe90702b
-+#define MASK_SSM3_P1 0xfff0707f
-+#define MATCH_SSHA512_SIG0L 0x1000702b
-+#define MASK_SSHA512_SIG0L 0xfe00707f
-+#define MATCH_SSHA512_SIG0H 0x1200702b
-+#define MASK_SSHA512_SIG0H 0xfe00707f
-+#define MATCH_SSHA512_SIG1L 0x1400702b
-+#define MASK_SSHA512_SIG1L 0xfe00707f
-+#define MATCH_SSHA512_SIG1H 0x1600702b
-+#define MASK_SSHA512_SIG1H 0xfe00707f
-+#define MATCH_SSHA512_SUM0R 0x1800702b
-+#define MASK_SSHA512_SUM0R 0xfe00707f
-+#define MATCH_SSHA512_SUM1R 0x1a00702b
-+#define MASK_SSHA512_SUM1R 0xfe00707f
-+#define MATCH_SSHA512_SIG0 0xe40702b
-+#define MASK_SSHA512_SIG0 0xfff0707f
-+#define MATCH_SSHA512_SIG1 0xe50702b
-+#define MASK_SSHA512_SIG1 0xfff0707f
-+#define MATCH_SSHA512_SUM0 0xe60702b
-+#define MASK_SSHA512_SUM0 0xfff0707f
-+#define MATCH_SSHA512_SUM1 0xe70702b
-+#define MASK_SSHA512_SUM1 0xfff0707f
-+#define MATCH_POLLENTROPY 0x1e05702b
-+#define MASK_POLLENTROPY 0xfe0ff07f
++#define MATCH_SM4ED 0x800302b
++#define MASK_SM4ED 0x3e00707f
++#define MATCH_SM4KS 0xa00302b
++#define MASK_SM4KS 0x3e00707f
++#define MATCH_AES32ESMI 0x202b
++#define MASK_AES32ESMI 0x3e00707f
++#define MATCH_AES32ESI 0x200202b
++#define MASK_AES32ESI 0x3e00707f
++#define MATCH_AES32DSMI 0x400202b
++#define MASK_AES32DSMI 0x3e00707f
++#define MATCH_AES32DSI 0x600202b
++#define MASK_AES32DSI 0x3e00707f
++#define MATCH_AES64KS1I 0x800202b
++#define MASK_AES64KS1I 0xff00707f
++#define MATCH_AES64KS2 0xa00202b
++#define MASK_AES64KS2 0xfe00707f
++#define MATCH_AES64IM 0xc10202b
++#define MASK_AES64IM 0xfff0707f
++#define MATCH_AES64ESM 0xe00202b
++#define MASK_AES64ESM 0xfe00707f
++#define MATCH_AES64ES 0x1000202b
++#define MASK_AES64ES 0xfe00707f
++#define MATCH_AES64DSM 0x1200202b
++#define MASK_AES64DSM 0xfe00707f
++#define MATCH_AES64DS 0x1400202b
++#define MASK_AES64DS 0xfe00707f
++#define MATCH_SHA256SIG0 0xe00702b
++#define MASK_SHA256SIG0 0xfff0707f
++#define MATCH_SHA256SIG1 0xe10702b
++#define MASK_SHA256SIG1 0xfff0707f
++#define MATCH_SHA256SUM0 0xe20702b
++#define MASK_SHA256SUM0 0xfff0707f
++#define MATCH_SHA256SUM1 0xe30702b
++#define MASK_SHA256SUM1 0xfff0707f
++#define MATCH_SM3P0 0xe80702b
++#define MASK_SM3P0 0xfff0707f
++#define MATCH_SM3P1 0xe90702b
++#define MASK_SM3P1 0xfff0707f
++#define MATCH_SHA512SIG0L 0x1000702b
++#define MASK_SHA512SIG0L 0xfe00707f
++#define MATCH_SHA512SIG0H 0x1200702b
++#define MASK_SHA512SIG0H 0xfe00707f
++#define MATCH_SHA512SIG1L 0x1400702b
++#define MASK_SHA512SIG1L 0xfe00707f
++#define MATCH_SHA512SIG1H 0x1600702b
++#define MASK_SHA512SIG1H 0xfe00707f
++#define MATCH_SHA512SUM0R 0x1800702b
++#define MASK_SHA512SUM0R 0xfe00707f
++#define MATCH_SHA512SUM1R 0x1a00702b
++#define MASK_SHA512SUM1R 0xfe00707f
++#define MATCH_SHA512SIG0 0xe40702b
++#define MASK_SHA512SIG0 0xfff0707f
++#define MATCH_SHA512SIG1 0xe50702b
++#define MASK_SHA512SIG1 0xfff0707f
++#define MATCH_SHA512SUM0 0xe60702b
++#define MASK_SHA512SUM0 0xfff0707f
++#define MATCH_SHA512SUM1 0xe70702b
++#define MASK_SHA512SUM1 0xfff0707f
++#define MATCH_POLLENTROPYI 0x1e05702b
++#define MASK_POLLENTROPYI 0xfe0ff07f
 +// Crypto ISE - end
  #define MATCH_FSLW 0x400103b
  #define MASK_FSLW  0x600707f
@@ -162,44 +162,135 @@ index 19f10c0e55..7506f2bc80 100644
  	case 'z':
  	  print (info->stream, "%s", riscv_gpr_names[0]);
 diff --git a/opcodes/riscv-opc.c b/opcodes/riscv-opc.c
-index e99febc823..4b94e79658 100644
+index e99febc823..f60c7df9bf 100644
 --- a/opcodes/riscv-opc.c
 +++ b/opcodes/riscv-opc.c
+@@ -496,27 +496,27 @@ const struct riscv_opcode riscv_opcodes[] =
+ {"remuw",    64, INSN_CLASS_M, "d,s,t",  MATCH_REMUW, MASK_REMUW, match_opcode, 0 },
+ 
+ /* Bitmanip instruction subset */
+-{"andn",      0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,t",  MATCH_ANDN, MASK_ANDN, match_opcode, 0 },
+-{"orn",       0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,t",  MATCH_ORN, MASK_ORN, match_opcode, 0 },
+-{"xnor",      0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,t",  MATCH_XNOR, MASK_XNOR, match_opcode, 0 },
++{"andn",      0, INSN_CLASS_I              ,   "d,s,t",  MATCH_ANDN, MASK_ANDN, match_opcode, 0 },
++{"orn",       0, INSN_CLASS_I              ,   "d,s,t",  MATCH_ORN, MASK_ORN, match_opcode, 0 },
++{"xnor",      0, INSN_CLASS_I              ,   "d,s,t",  MATCH_XNOR, MASK_XNOR, match_opcode, 0 },
+ {"sloi",      0, INSN_CLASS_B_OR_ZBP,   "d,s,>",  MATCH_SLOI, MASK_SLOI, match_opcode, 0 },
+ {"sroi",      0, INSN_CLASS_B_OR_ZBP,   "d,s,>",  MATCH_SROI, MASK_SROI, match_opcode, 0 },
+-{"roli",      0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,>",  0, (int) M_RL, match_never, INSN_MACRO },
+-{"rori",      0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,>",  MATCH_RORI, MASK_RORI, match_opcode, 0 },
++{"roli",      0, INSN_CLASS_I              ,   "d,s,>",  0, (int) M_RL, match_never, INSN_MACRO },
++{"rori",      0, INSN_CLASS_I              ,   "d,s,>",  MATCH_RORI, MASK_RORI, match_opcode, 0 },
+ {"slo",       0, INSN_CLASS_B_OR_ZBP,   "d,s,t",  MATCH_SLO, MASK_SLO, match_opcode, 0 },
+ {"slo",       0, INSN_CLASS_B_OR_ZBP,   "d,s,>",  MATCH_SLOI, MASK_SLOI, match_opcode, INSN_ALIAS },
+ {"sro",       0, INSN_CLASS_B_OR_ZBP,   "d,s,t",  MATCH_SRO, MASK_SRO, match_opcode, 0 },
+ {"sro",       0, INSN_CLASS_B_OR_ZBP,   "d,s,>",  MATCH_SROI, MASK_SROI, match_opcode, INSN_ALIAS },
+-{"rol",       0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,t",  MATCH_ROL, MASK_ROL, match_opcode, 0 },
+-{"rol",       0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,>",  0, (int) M_RL, match_never, INSN_MACRO },
+-{"ror",       0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,t",  MATCH_ROR, MASK_ROR, match_opcode, 0 },
+-{"ror",       0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,>",  MATCH_RORI, MASK_RORI, match_opcode, INSN_ALIAS },
++{"rol",       0, INSN_CLASS_I              ,   "d,s,t",  MATCH_ROL, MASK_ROL, match_opcode, 0 },
++{"rol",       0, INSN_CLASS_I              ,   "d,s,>",  0, (int) M_RL, match_never, INSN_MACRO },
++{"ror",       0, INSN_CLASS_I              ,   "d,s,t",  MATCH_ROR, MASK_ROR, match_opcode, 0 },
++{"ror",       0, INSN_CLASS_I              ,   "d,s,>",  MATCH_RORI, MASK_RORI, match_opcode, INSN_ALIAS },
+ {"sbclri",    0, INSN_CLASS_B_OR_ZBS,   "d,s,>",  MATCH_SBCLRI, MASK_SBCLRI, match_opcode, 0 },
+ {"sbseti",    0, INSN_CLASS_B_OR_ZBS,   "d,s,>",  MATCH_SBSETI, MASK_SBSETI, match_opcode, 0 },
+ {"sbinvi",    0, INSN_CLASS_B_OR_ZBS,   "d,s,>",  MATCH_SBINVI, MASK_SBINVI, match_opcode, 0 },
+ {"sbexti",    0, INSN_CLASS_B_OR_ZBS,   "d,s,>",  MATCH_SBEXTI, MASK_SBEXTI, match_opcode, 0 },
+-{"gorci",     0, INSN_CLASS_B_OR_ZBP,   "d,s,>",  MATCH_GORCI, MASK_GORCI, match_opcode, 0 },
+-{"grevi",     0, INSN_CLASS_B_OR_ZBP,   "d,s,>",  MATCH_GREVI, MASK_GREVI, match_opcode, 0 },
++{"gorci",     0, INSN_CLASS_I       ,   "d,s,>",  MATCH_GORCI, MASK_GORCI, match_opcode, 0 },
++{"grevi",     0, INSN_CLASS_I       ,   "d,s,>",  MATCH_GREVI, MASK_GREVI, match_opcode, 0 },
+ {"sbclr",     0, INSN_CLASS_B_OR_ZBS,   "d,s,t",  MATCH_SBCLR, MASK_SBCLR, match_opcode, 0 },
+ {"sbclr",     0, INSN_CLASS_B_OR_ZBS,   "d,s,>",  MATCH_SBCLRI, MASK_SBCLRI, match_opcode, INSN_ALIAS },
+ {"sbset",     0, INSN_CLASS_B_OR_ZBS,   "d,s,t",  MATCH_SBSET, MASK_SBSET, match_opcode, 0 },
+@@ -525,10 +525,10 @@ const struct riscv_opcode riscv_opcodes[] =
+ {"sbinv",     0, INSN_CLASS_B_OR_ZBS,   "d,s,>",  MATCH_SBINVI, MASK_SBINVI, match_opcode, INSN_ALIAS },
+ {"sbext",     0, INSN_CLASS_B_OR_ZBS,   "d,s,t",  MATCH_SBEXT, MASK_SBEXT, match_opcode, 0 },
+ {"sbext",     0, INSN_CLASS_B_OR_ZBS,   "d,s,>",  MATCH_SBEXTI, MASK_SBEXTI, match_opcode, INSN_ALIAS },
+-{"gorc",      0, INSN_CLASS_B_OR_ZBP,   "d,s,t",  MATCH_GORC, MASK_GORC, match_opcode, 0 },
+-{"gorc",      0, INSN_CLASS_B_OR_ZBP,   "d,s,>",  MATCH_GORCI, MASK_GORCI, match_opcode, INSN_ALIAS },
+-{"grev",      0, INSN_CLASS_B_OR_ZBP,   "d,s,t",  MATCH_GREV, MASK_GREV, match_opcode, 0 },
+-{"grev",      0, INSN_CLASS_B_OR_ZBP,   "d,s,>",  MATCH_GREVI, MASK_GREVI, match_opcode, INSN_ALIAS },
++{"gorc",      0, INSN_CLASS_I       ,   "d,s,t",  MATCH_GORC, MASK_GORC, match_opcode, 0 },
++{"gorc",      0, INSN_CLASS_I       ,   "d,s,>",  MATCH_GORCI, MASK_GORCI, match_opcode, INSN_ALIAS },
++{"grev",      0, INSN_CLASS_I       ,   "d,s,t",  MATCH_GREV, MASK_GREV, match_opcode, 0 },
++{"grev",      0, INSN_CLASS_I       ,   "d,s,>",  MATCH_GREVI, MASK_GREVI, match_opcode, INSN_ALIAS },
+ {"cmix",      0, INSN_CLASS_B_OR_ZBT,   "d,t,s,r",  MATCH_CMIX, MASK_CMIX, match_opcode, 0 },
+ {"cmov",      0, INSN_CLASS_B_OR_ZBT,   "d,t,s,r",  MATCH_CMOV, MASK_CMOV, match_opcode, 0 },
+ {"fsli",      0, INSN_CLASS_B_OR_ZBT,   "d,s,r,>",  0, (int) M_FL, match_never, INSN_MACRO },
+@@ -554,24 +554,24 @@ const struct riscv_opcode riscv_opcodes[] =
+ {"sh1add",    0, INSN_CLASS_B_OR_ZBA,   "d,s,t",  MATCH_SH1ADD, MASK_SH1ADD, match_opcode, 0 },
+ {"sh2add",    0, INSN_CLASS_B_OR_ZBA,   "d,s,t",  MATCH_SH2ADD, MASK_SH2ADD, match_opcode, 0 },
+ {"sh3add",    0, INSN_CLASS_B_OR_ZBA,   "d,s,t",  MATCH_SH3ADD, MASK_SH3ADD, match_opcode, 0 },
+-{"clmul",     0, INSN_CLASS_B_OR_ZBC,   "d,s,t",  MATCH_CLMUL, MASK_CLMUL, match_opcode, 0 },
+-{"clmulh",    0, INSN_CLASS_B_OR_ZBC,   "d,s,t",  MATCH_CLMULH, MASK_CLMULH, match_opcode, 0 },
+-{"clmulr",    0, INSN_CLASS_B_OR_ZBC,   "d,s,t",  MATCH_CLMULR, MASK_CLMULR, match_opcode, 0 },
++{"clmul",     0, INSN_CLASS_I       ,   "d,s,t",  MATCH_CLMUL, MASK_CLMUL, match_opcode, 0 },
++{"clmulh",    0, INSN_CLASS_I       ,   "d,s,t",  MATCH_CLMULH, MASK_CLMULH, match_opcode, 0 },
++{"clmulr",    0, INSN_CLASS_I       ,   "d,s,t",  MATCH_CLMULR, MASK_CLMULR, match_opcode, 0 },
+ {"min",       0, INSN_CLASS_B_OR_ZBB,   "d,s,t",  MATCH_MIN, MASK_MIN, match_opcode, 0 },
+ {"max",       0, INSN_CLASS_B_OR_ZBB,   "d,s,t",  MATCH_MAX, MASK_MAX, match_opcode, 0 },
+ {"minu",      0, INSN_CLASS_B_OR_ZBB,   "d,s,t",  MATCH_MINU, MASK_MINU, match_opcode, 0 },
+ {"maxu",      0, INSN_CLASS_B_OR_ZBB,   "d,s,t",  MATCH_MAXU, MASK_MAXU, match_opcode, 0 },
+-{"shfli",     0, INSN_CLASS_B_OR_ZBP,   "d,s,|",  MATCH_SHFLI, MASK_SHFLI, match_opcode, 0 },
+-{"unshfli",   0, INSN_CLASS_B_OR_ZBP,   "d,s,|",  MATCH_UNSHFLI, MASK_UNSHFLI, match_opcode, 0 },
+-{"shfl",      0, INSN_CLASS_B_OR_ZBP,   "d,s,t",  MATCH_SHFL, MASK_SHFL, match_opcode, 0 },
+-{"shfl",      0, INSN_CLASS_B_OR_ZBP,   "d,s,|",  MATCH_SHFLI, MASK_SHFLI, match_opcode, INSN_ALIAS },
+-{"unshfl",    0, INSN_CLASS_B_OR_ZBP,   "d,s,t",  MATCH_UNSHFL, MASK_UNSHFL, match_opcode, 0 },
+-{"unshfl",    0, INSN_CLASS_B_OR_ZBP,   "d,s,|",  MATCH_UNSHFLI, MASK_UNSHFLI, match_opcode, INSN_ALIAS },
++{"shfli",     0, INSN_CLASS_I       ,   "d,s,|",  MATCH_SHFLI, MASK_SHFLI, match_opcode, 0 },
++{"unshfli",   0, INSN_CLASS_I       ,   "d,s,|",  MATCH_UNSHFLI, MASK_UNSHFLI, match_opcode, 0 },
++{"shfl",      0, INSN_CLASS_I       ,   "d,s,t",  MATCH_SHFL, MASK_SHFL, match_opcode, 0 },
++{"shfl",      0, INSN_CLASS_I       ,   "d,s,|",  MATCH_SHFLI, MASK_SHFLI, match_opcode, INSN_ALIAS },
++{"unshfl",    0, INSN_CLASS_I       ,   "d,s,t",  MATCH_UNSHFL, MASK_UNSHFL, match_opcode, 0 },
++{"unshfl",    0, INSN_CLASS_I       ,   "d,s,|",  MATCH_UNSHFLI, MASK_UNSHFLI, match_opcode, INSN_ALIAS },
+ {"bdep",      0, INSN_CLASS_B_OR_ZBE,   "d,s,t",  MATCH_BDEP, MASK_BDEP, match_opcode, 0 },
+ {"bext",      0, INSN_CLASS_B_OR_ZBE,   "d,s,t",  MATCH_BEXT, MASK_BEXT, match_opcode, 0 },
+-{"pack",      0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,t",  MATCH_PACK, MASK_PACK, match_opcode, 0 },
+-{"packu",     0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,t",  MATCH_PACKU, MASK_PACKU, match_opcode, 0 },
+-{"packh",     0, INSN_CLASS_B_OR_ZBB_OR_ZBP,   "d,s,t",  MATCH_PACKH, MASK_PACKH, match_opcode, 0 },
++{"pack",      0, INSN_CLASS_I              ,   "d,s,t",  MATCH_PACK, MASK_PACK, match_opcode, 0 },
++{"packu",     0, INSN_CLASS_I              ,   "d,s,t",  MATCH_PACKU, MASK_PACKU, match_opcode, 0 },
++{"packh",     0, INSN_CLASS_I              ,   "d,s,t",  MATCH_PACKH, MASK_PACKH, match_opcode, 0 },
+ {"bmator",   64, INSN_CLASS_B_OR_ZBM,   "d,s,t",  MATCH_BMATOR, MASK_BMATOR, match_opcode, 0 },
+ {"bmatxor",  64, INSN_CLASS_B_OR_ZBM,   "d,s,t",  MATCH_BMATXOR, MASK_BMATXOR, match_opcode, 0 },
+ {"bfp",       0, INSN_CLASS_B_OR_ZBF,   "d,s,t",  MATCH_BFP, MASK_BFP, match_opcode, 0 },
 @@ -709,6 +709,38 @@ const struct riscv_opcode riscv_opcodes[] =
  {"unzip2",    0, INSN_CLASS_B_OR_ZBP,   "d,s",  0, (int) M_PERM, match_never, INSN_MACRO },
  {"unzip",     0, INSN_CLASS_B_OR_ZBP,   "d,s",  0, (int) M_PERM, match_never, INSN_MACRO },
  
 +/* Scalar Crypto Instructions */
-+{"ssm4.ed"      , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_SSM4_ED, MASK_SSM4_ED, match_opcode, 0},
-+{"ssm4.ks"      , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_SSM4_KS, MASK_SSM4_KS, match_opcode, 0},
-+{"saes32.encsm" , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_SAES32_ENCSM, MASK_SAES32_ENCSM, match_opcode, 0},
-+{"saes32.encs"  , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_SAES32_ENCS, MASK_SAES32_ENCS, match_opcode, 0},
-+{"saes32.decsm" , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_SAES32_DECSM, MASK_SAES32_DECSM, match_opcode, 0},
-+{"saes32.decs"  , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_SAES32_DECS, MASK_SAES32_DECS, match_opcode, 0},
-+{"saes64.ks1"   ,64, INSN_CLASS_I,    "d,s,W", MATCH_SAES64_KS1, MASK_SAES64_KS1, match_opcode, 0},
-+{"saes64.ks2"   ,64, INSN_CLASS_I,    "d,s,t", MATCH_SAES64_KS2, MASK_SAES64_KS2, match_opcode, 0},
-+{"saes64.imix"  ,64, INSN_CLASS_I,      "d,s", MATCH_SAES64_IMIX, MASK_SAES64_IMIX, match_opcode, 0},
-+{"saes64.encsm" ,64, INSN_CLASS_I,    "d,s,t", MATCH_SAES64_ENCSM, MASK_SAES64_ENCSM, match_opcode, 0},
-+{"saes64.encs"  ,64, INSN_CLASS_I,    "d,s,t", MATCH_SAES64_ENCS, MASK_SAES64_ENCS, match_opcode, 0},
-+{"saes64.decsm" ,64, INSN_CLASS_I,    "d,s,t", MATCH_SAES64_DECSM, MASK_SAES64_DECSM, match_opcode, 0},
-+{"saes64.decs"  ,64, INSN_CLASS_I,    "d,s,t", MATCH_SAES64_DECS, MASK_SAES64_DECS, match_opcode, 0},
-+{"ssha256.sig0" , 0, INSN_CLASS_I,      "d,s", MATCH_SSHA256_SIG0, MASK_SSHA256_SIG0, match_opcode, 0},
-+{"ssha256.sig1" , 0, INSN_CLASS_I,      "d,s", MATCH_SSHA256_SIG1, MASK_SSHA256_SIG1, match_opcode, 0},
-+{"ssha256.sum0" , 0, INSN_CLASS_I,      "d,s", MATCH_SSHA256_SUM0, MASK_SSHA256_SUM0, match_opcode, 0},
-+{"ssha256.sum1" , 0, INSN_CLASS_I,      "d,s", MATCH_SSHA256_SUM1, MASK_SSHA256_SUM1, match_opcode, 0},
-+{"ssm3.p0"      , 0, INSN_CLASS_I,      "d,s", MATCH_SSM3_P0, MASK_SSM3_P0, match_opcode, 0},
-+{"ssm3.p1"      , 0, INSN_CLASS_I,      "d,s", MATCH_SSM3_P1, MASK_SSM3_P1, match_opcode, 0},
-+{"ssha512.sig0l", 0, INSN_CLASS_I,    "d,s,t", MATCH_SSHA512_SIG0L, MASK_SSHA512_SIG0L, match_opcode, 0},
-+{"ssha512.sig0h", 0, INSN_CLASS_I,    "d,s,t", MATCH_SSHA512_SIG0H, MASK_SSHA512_SIG0H, match_opcode, 0},
-+{"ssha512.sig1l", 0, INSN_CLASS_I,    "d,s,t", MATCH_SSHA512_SIG1L, MASK_SSHA512_SIG1L, match_opcode, 0},
-+{"ssha512.sig1h", 0, INSN_CLASS_I,    "d,s,t", MATCH_SSHA512_SIG1H, MASK_SSHA512_SIG1H, match_opcode, 0},
-+{"ssha512.sum0r", 0, INSN_CLASS_I,    "d,s,t", MATCH_SSHA512_SUM0R, MASK_SSHA512_SUM0R, match_opcode, 0},
-+{"ssha512.sum1r", 0, INSN_CLASS_I,    "d,s,t", MATCH_SSHA512_SUM1R, MASK_SSHA512_SUM1R, match_opcode, 0},
-+{"ssha512.sig0" ,64, INSN_CLASS_I,      "d,s", MATCH_SSHA512_SIG0, MASK_SSHA512_SIG0, match_opcode, 0},
-+{"ssha512.sig1" ,64, INSN_CLASS_I,      "d,s", MATCH_SSHA512_SIG1, MASK_SSHA512_SIG1, match_opcode, 0},
-+{"ssha512.sum0" ,64, INSN_CLASS_I,      "d,s", MATCH_SSHA512_SUM0, MASK_SSHA512_SUM0, match_opcode, 0},
-+{"ssha512.sum1" ,64, INSN_CLASS_I,      "d,s", MATCH_SSHA512_SUM1, MASK_SSHA512_SUM1, match_opcode, 0},
-+{"pollentropy"  , 0, INSN_CLASS_I,      "d,>", MATCH_POLLENTROPY, MASK_POLLENTROPY, match_opcode, 0},
++{"sm4ed"        , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_SM4ED, MASK_SM4ED, match_opcode, 0},
++{"sm4ks"        , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_SM4KS, MASK_SM4KS, match_opcode, 0},
++{"aes32esmi"    , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_AES32ESMI, MASK_AES32ESMI, match_opcode, 0},
++{"aes32esi"     , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_AES32ESI, MASK_AES32ESI, match_opcode, 0},
++{"aes32dsmi"    , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_AES32DSMI, MASK_AES32DSMI, match_opcode, 0},
++{"aes32dsi"     , 0, INSN_CLASS_I,  "d,s,t,w", MATCH_AES32DSI, MASK_AES32DSI, match_opcode, 0},
++{"aes64ks1i"    ,64, INSN_CLASS_I,    "d,s,W", MATCH_AES64KS1I, MASK_AES64KS1I, match_opcode, 0},
++{"aes64ks2"     ,64, INSN_CLASS_I,    "d,s,t", MATCH_AES64KS2, MASK_AES64KS2, match_opcode, 0},
++{"aes64im"      ,64, INSN_CLASS_I,      "d,s", MATCH_AES64IM, MASK_AES64IM, match_opcode, 0},
++{"aes64esm"     ,64, INSN_CLASS_I,    "d,s,t", MATCH_AES64ESM, MASK_AES64ESM, match_opcode, 0},
++{"aes64es"      ,64, INSN_CLASS_I,    "d,s,t", MATCH_AES64ES, MASK_AES64ES, match_opcode, 0},
++{"aes64dsm"     ,64, INSN_CLASS_I,    "d,s,t", MATCH_AES64DSM, MASK_AES64DSM, match_opcode, 0},
++{"aes64ds"      ,64, INSN_CLASS_I,    "d,s,t", MATCH_AES64DS, MASK_AES64DS, match_opcode, 0},
++{"sha256sig0"   , 0, INSN_CLASS_I,      "d,s", MATCH_SHA256SIG0, MASK_SHA256SIG0, match_opcode, 0},
++{"sha256sig1"   , 0, INSN_CLASS_I,      "d,s", MATCH_SHA256SIG1, MASK_SHA256SIG1, match_opcode, 0},
++{"sha256sum0"   , 0, INSN_CLASS_I,      "d,s", MATCH_SHA256SUM0, MASK_SHA256SUM0, match_opcode, 0},
++{"sha256sum1"   , 0, INSN_CLASS_I,      "d,s", MATCH_SHA256SUM1, MASK_SHA256SUM1, match_opcode, 0},
++{"sm3p0"        , 0, INSN_CLASS_I,      "d,s", MATCH_SM3P0, MASK_SM3P0, match_opcode, 0},
++{"sm3p1"        , 0, INSN_CLASS_I,      "d,s", MATCH_SM3P1, MASK_SM3P1, match_opcode, 0},
++{"sha512sig0l"  , 0, INSN_CLASS_I,    "d,s,t", MATCH_SHA512SIG0L, MASK_SHA512SIG0L, match_opcode, 0},
++{"sha512sig0h"  , 0, INSN_CLASS_I,    "d,s,t", MATCH_SHA512SIG0H, MASK_SHA512SIG0H, match_opcode, 0},
++{"sha512sig1l"  , 0, INSN_CLASS_I,    "d,s,t", MATCH_SHA512SIG1L, MASK_SHA512SIG1L, match_opcode, 0},
++{"sha512sig1h"  , 0, INSN_CLASS_I,    "d,s,t", MATCH_SHA512SIG1H, MASK_SHA512SIG1H, match_opcode, 0},
++{"sha512sum0r"  , 0, INSN_CLASS_I,    "d,s,t", MATCH_SHA512SUM0R, MASK_SHA512SUM0R, match_opcode, 0},
++{"sha512sum1r"  , 0, INSN_CLASS_I,    "d,s,t", MATCH_SHA512SUM1R, MASK_SHA512SUM1R, match_opcode, 0},
++{"sha512sig0"   ,64, INSN_CLASS_I,      "d,s", MATCH_SHA512SIG0, MASK_SHA512SIG0, match_opcode, 0},
++{"sha512sig1"   ,64, INSN_CLASS_I,      "d,s", MATCH_SHA512SIG1, MASK_SHA512SIG1, match_opcode, 0},
++{"sha512sum0"   ,64, INSN_CLASS_I,      "d,s", MATCH_SHA512SUM0, MASK_SHA512SUM0, match_opcode, 0},
++{"sha512sum1"   ,64, INSN_CLASS_I,      "d,s", MATCH_SHA512SUM1, MASK_SHA512SUM1, match_opcode, 0},
++{"pollentropyi" , 0, INSN_CLASS_I,      "d,>", MATCH_POLLENTROPYI, MASK_POLLENTROPYI, match_opcode, 0},
 +
  /* Single-precision floating-point instruction subset */
  {"frcsr",     0, INSN_CLASS_F,   "d",  MATCH_FRCSR, MASK_FRCSR, match_opcode, INSN_ALIAS },
diff --git a/tools/patch-spike.patch b/tools/patch-spike.patch
index 9ea40b65..f63c9cf2 100644
--- a/tools/patch-spike.patch
+++ b/tools/patch-spike.patch
@@ -13,7 +13,7 @@ index 9e03676..a76af54 100644
    int64_t rvc_zimm() { return x(2, 5) + (x(12, 1) << 5); }
    int64_t rvc_addi4spn_imm() { return (x(6, 1) << 2) + (x(5, 1) << 3) + (x(11, 2) << 4) + (x(7, 4) << 6); }
 diff --git a/riscv/encoding.h b/riscv/encoding.h
-index 3c4bf1c..714d88b 100644
+index 3c4bf1c..10e864f 100644
 --- a/riscv/encoding.h
 +++ b/riscv/encoding.h
 @@ -564,6 +564,68 @@
@@ -21,66 +21,66 @@ index 3c4bf1c..714d88b 100644
  #define MATCH_BFPW 0x4800703b
  #define MASK_BFPW  0xfe00707f
 +// Crypto ISE - Begin
-+#define MATCH_SSM4_ED 0x800302b
-+#define MASK_SSM4_ED 0x3e00707f
-+#define MATCH_SSM4_KS 0xa00302b
-+#define MASK_SSM4_KS 0x3e00707f
-+#define MATCH_SAES32_ENCSM 0x202b
-+#define MASK_SAES32_ENCSM 0x3e00707f
-+#define MATCH_SAES32_ENCS 0x200202b
-+#define MASK_SAES32_ENCS 0x3e00707f
-+#define MATCH_SAES32_DECSM 0x400202b
-+#define MASK_SAES32_DECSM 0x3e00707f
-+#define MATCH_SAES32_DECS 0x600202b
-+#define MASK_SAES32_DECS 0x3e00707f
-+#define MATCH_SAES64_KS1 0x800202b
-+#define MASK_SAES64_KS1 0xff00707f
-+#define MATCH_SAES64_KS2 0xa00202b
-+#define MASK_SAES64_KS2 0xfe00707f
-+#define MATCH_SAES64_IMIX 0xc10202b
-+#define MASK_SAES64_IMIX 0xfff0707f
-+#define MATCH_SAES64_ENCSM 0xe00202b
-+#define MASK_SAES64_ENCSM 0xfe00707f
-+#define MATCH_SAES64_ENCS 0x1000202b
-+#define MASK_SAES64_ENCS 0xfe00707f
-+#define MATCH_SAES64_DECSM 0x1200202b
-+#define MASK_SAES64_DECSM 0xfe00707f
-+#define MATCH_SAES64_DECS 0x1400202b
-+#define MASK_SAES64_DECS 0xfe00707f
-+#define MATCH_SSHA256_SIG0 0xe00702b
-+#define MASK_SSHA256_SIG0 0xfff0707f
-+#define MATCH_SSHA256_SIG1 0xe10702b
-+#define MASK_SSHA256_SIG1 0xfff0707f
-+#define MATCH_SSHA256_SUM0 0xe20702b
-+#define MASK_SSHA256_SUM0 0xfff0707f
-+#define MATCH_SSHA256_SUM1 0xe30702b
-+#define MASK_SSHA256_SUM1 0xfff0707f
-+#define MATCH_SSM3_P0 0xe80702b
-+#define MASK_SSM3_P0 0xfff0707f
-+#define MATCH_SSM3_P1 0xe90702b
-+#define MASK_SSM3_P1 0xfff0707f
-+#define MATCH_SSHA512_SIG0L 0x1000702b
-+#define MASK_SSHA512_SIG0L 0xfe00707f
-+#define MATCH_SSHA512_SIG0H 0x1200702b
-+#define MASK_SSHA512_SIG0H 0xfe00707f
-+#define MATCH_SSHA512_SIG1L 0x1400702b
-+#define MASK_SSHA512_SIG1L 0xfe00707f
-+#define MATCH_SSHA512_SIG1H 0x1600702b
-+#define MASK_SSHA512_SIG1H 0xfe00707f
-+#define MATCH_SSHA512_SUM0R 0x1800702b
-+#define MASK_SSHA512_SUM0R 0xfe00707f
-+#define MATCH_SSHA512_SUM1R 0x1a00702b
-+#define MASK_SSHA512_SUM1R 0xfe00707f
-+#define MATCH_SSHA512_SIG0 0xe40702b
-+#define MASK_SSHA512_SIG0 0xfff0707f
-+#define MATCH_SSHA512_SIG1 0xe50702b
-+#define MASK_SSHA512_SIG1 0xfff0707f
-+#define MATCH_SSHA512_SUM0 0xe60702b
-+#define MASK_SSHA512_SUM0 0xfff0707f
-+#define MATCH_SSHA512_SUM1 0xe70702b
-+#define MASK_SSHA512_SUM1 0xfff0707f
-+#define MATCH_POLLENTROPY 0x1e05702b
-+#define MASK_POLLENTROPY 0xfe0ff07f
++#define MATCH_SM4ED 0x800302b
++#define MASK_SM4ED 0x3e00707f
++#define MATCH_SM4KS 0xa00302b
++#define MASK_SM4KS 0x3e00707f
++#define MATCH_AES32ESMI 0x202b
++#define MASK_AES32ESMI 0x3e00707f
++#define MATCH_AES32ESI 0x200202b
++#define MASK_AES32ESI 0x3e00707f
++#define MATCH_AES32DSMI 0x400202b
++#define MASK_AES32DSMI 0x3e00707f
++#define MATCH_AES32DSI 0x600202b
++#define MASK_AES32DSI 0x3e00707f
++#define MATCH_AES64KS1I 0x800202b
++#define MASK_AES64KS1I 0xff00707f
++#define MATCH_AES64KS2 0xa00202b
++#define MASK_AES64KS2 0xfe00707f
++#define MATCH_AES64IM 0xc10202b
++#define MASK_AES64IM 0xfff0707f
++#define MATCH_AES64ESM 0xe00202b
++#define MASK_AES64ESM 0xfe00707f
++#define MATCH_AES64ES 0x1000202b
++#define MASK_AES64ES 0xfe00707f
++#define MATCH_AES64DSM 0x1200202b
++#define MASK_AES64DSM 0xfe00707f
++#define MATCH_AES64DS 0x1400202b
++#define MASK_AES64DS 0xfe00707f
++#define MATCH_SHA256SIG0 0xe00702b
++#define MASK_SHA256SIG0 0xfff0707f
++#define MATCH_SHA256SIG1 0xe10702b
++#define MASK_SHA256SIG1 0xfff0707f
++#define MATCH_SHA256SUM0 0xe20702b
++#define MASK_SHA256SUM0 0xfff0707f
++#define MATCH_SHA256SUM1 0xe30702b
++#define MASK_SHA256SUM1 0xfff0707f
++#define MATCH_SM3P0 0xe80702b
++#define MASK_SM3P0 0xfff0707f
++#define MATCH_SM3P1 0xe90702b
++#define MASK_SM3P1 0xfff0707f
++#define MATCH_SHA512SIG0L 0x1000702b
++#define MASK_SHA512SIG0L 0xfe00707f
++#define MATCH_SHA512SIG0H 0x1200702b
++#define MASK_SHA512SIG0H 0xfe00707f
++#define MATCH_SHA512SIG1L 0x1400702b
++#define MASK_SHA512SIG1L 0xfe00707f
++#define MATCH_SHA512SIG1H 0x1600702b
++#define MASK_SHA512SIG1H 0xfe00707f
++#define MATCH_SHA512SUM0R 0x1800702b
++#define MASK_SHA512SUM0R 0xfe00707f
++#define MATCH_SHA512SUM1R 0x1a00702b
++#define MASK_SHA512SUM1R 0xfe00707f
++#define MATCH_SHA512SIG0 0xe40702b
++#define MASK_SHA512SIG0 0xfff0707f
++#define MATCH_SHA512SIG1 0xe50702b
++#define MASK_SHA512SIG1 0xfff0707f
++#define MATCH_SHA512SUM0 0xe60702b
++#define MASK_SHA512SUM0 0xfff0707f
++#define MATCH_SHA512SUM1 0xe70702b
++#define MASK_SHA512SUM1 0xfff0707f
++#define MATCH_POLLENTROPYI 0x1e05702b
++#define MASK_POLLENTROPYI 0xfe0ff07f
 +// Crypto ISE - end
  #define MATCH_AMOADD_W 0x202f
  #define MASK_AMOADD_W  0xf800707f
@@ -90,58 +90,48 @@ index 3c4bf1c..714d88b 100644
  DECLARE_INSN(packuw, MATCH_PACKUW, MASK_PACKUW)
  DECLARE_INSN(bfpw, MATCH_BFPW, MASK_BFPW)
 +// Crypto ISE - Begin
-+DECLARE_INSN(ssm4_ed, MATCH_SSM4_ED, MASK_SSM4_ED)
-+DECLARE_INSN(ssm4_ks, MATCH_SSM4_KS, MASK_SSM4_KS)
-+DECLARE_INSN(saes32_encsm, MATCH_SAES32_ENCSM, MASK_SAES32_ENCSM)
-+DECLARE_INSN(saes32_encs, MATCH_SAES32_ENCS, MASK_SAES32_ENCS)
-+DECLARE_INSN(saes32_decsm, MATCH_SAES32_DECSM, MASK_SAES32_DECSM)
-+DECLARE_INSN(saes32_decs, MATCH_SAES32_DECS, MASK_SAES32_DECS)
-+DECLARE_INSN(saes64_ks1, MATCH_SAES64_KS1, MASK_SAES64_KS1)
-+DECLARE_INSN(saes64_ks2, MATCH_SAES64_KS2, MASK_SAES64_KS2)
-+DECLARE_INSN(saes64_imix, MATCH_SAES64_IMIX, MASK_SAES64_IMIX)
-+DECLARE_INSN(saes64_encsm, MATCH_SAES64_ENCSM, MASK_SAES64_ENCSM)
-+DECLARE_INSN(saes64_encs, MATCH_SAES64_ENCS, MASK_SAES64_ENCS)
-+DECLARE_INSN(saes64_decsm, MATCH_SAES64_DECSM, MASK_SAES64_DECSM)
-+DECLARE_INSN(saes64_decs, MATCH_SAES64_DECS, MASK_SAES64_DECS)
-+DECLARE_INSN(ssha256_sig0, MATCH_SSHA256_SIG0, MASK_SSHA256_SIG0)
-+DECLARE_INSN(ssha256_sig1, MATCH_SSHA256_SIG1, MASK_SSHA256_SIG1)
-+DECLARE_INSN(ssha256_sum0, MATCH_SSHA256_SUM0, MASK_SSHA256_SUM0)
-+DECLARE_INSN(ssha256_sum1, MATCH_SSHA256_SUM1, MASK_SSHA256_SUM1)
-+DECLARE_INSN(ssm3_p0, MATCH_SSM3_P0, MASK_SSM3_P0)
-+DECLARE_INSN(ssm3_p1, MATCH_SSM3_P1, MASK_SSM3_P1)
-+DECLARE_INSN(ssha512_sig0l, MATCH_SSHA512_SIG0L, MASK_SSHA512_SIG0L)
-+DECLARE_INSN(ssha512_sig0h, MATCH_SSHA512_SIG0H, MASK_SSHA512_SIG0H)
-+DECLARE_INSN(ssha512_sig1l, MATCH_SSHA512_SIG1L, MASK_SSHA512_SIG1L)
-+DECLARE_INSN(ssha512_sig1h, MATCH_SSHA512_SIG1H, MASK_SSHA512_SIG1H)
-+DECLARE_INSN(ssha512_sum0r, MATCH_SSHA512_SUM0R, MASK_SSHA512_SUM0R)
-+DECLARE_INSN(ssha512_sum1r, MATCH_SSHA512_SUM1R, MASK_SSHA512_SUM1R)
-+DECLARE_INSN(ssha512_sig0, MATCH_SSHA512_SIG0, MASK_SSHA512_SIG0)
-+DECLARE_INSN(ssha512_sig1, MATCH_SSHA512_SIG1, MASK_SSHA512_SIG1)
-+DECLARE_INSN(ssha512_sum0, MATCH_SSHA512_SUM0, MASK_SSHA512_SUM0)
-+DECLARE_INSN(ssha512_sum1, MATCH_SSHA512_SUM1, MASK_SSHA512_SUM1)
-+DECLARE_INSN(pollentropy, MATCH_POLLENTROPY, MASK_POLLENTROPY)
++DECLARE_INSN(sm4ed, MATCH_SM4ED, MASK_SM4ED)
++DECLARE_INSN(sm4ks, MATCH_SM4KS, MASK_SM4KS)
++DECLARE_INSN(aes32esmi, MATCH_AES32ESMI, MASK_AES32ESMI)
++DECLARE_INSN(aes32esi, MATCH_AES32ESI, MASK_AES32ESI)
++DECLARE_INSN(aes32dsmi, MATCH_AES32DSMI, MASK_AES32DSMI)
++DECLARE_INSN(aes32dsi, MATCH_AES32DSI, MASK_AES32DSI)
++DECLARE_INSN(aes64ks1i, MATCH_AES64KS1I, MASK_AES64KS1I)
++DECLARE_INSN(aes64ks2, MATCH_AES64KS2, MASK_AES64KS2)
++DECLARE_INSN(aes64im, MATCH_AES64IM, MASK_AES64IM)
++DECLARE_INSN(aes64esm, MATCH_AES64ESM, MASK_AES64ESM)
++DECLARE_INSN(aes64es, MATCH_AES64ES, MASK_AES64ES)
++DECLARE_INSN(aes64dsm, MATCH_AES64DSM, MASK_AES64DSM)
++DECLARE_INSN(aes64ds, MATCH_AES64DS, MASK_AES64DS)
++DECLARE_INSN(sha256sig0, MATCH_SHA256SIG0, MASK_SHA256SIG0)
++DECLARE_INSN(sha256sig1, MATCH_SHA256SIG1, MASK_SHA256SIG1)
++DECLARE_INSN(sha256sum0, MATCH_SHA256SUM0, MASK_SHA256SUM0)
++DECLARE_INSN(sha256sum1, MATCH_SHA256SUM1, MASK_SHA256SUM1)
++DECLARE_INSN(sm3p0, MATCH_SM3P0, MASK_SM3P0)
++DECLARE_INSN(sm3p1, MATCH_SM3P1, MASK_SM3P1)
++DECLARE_INSN(sha512sig0l, MATCH_SHA512SIG0L, MASK_SHA512SIG0L)
++DECLARE_INSN(sha512sig0h, MATCH_SHA512SIG0H, MASK_SHA512SIG0H)
++DECLARE_INSN(sha512sig1l, MATCH_SHA512SIG1L, MASK_SHA512SIG1L)
++DECLARE_INSN(sha512sig1h, MATCH_SHA512SIG1H, MASK_SHA512SIG1H)
++DECLARE_INSN(sha512sum0r, MATCH_SHA512SUM0R, MASK_SHA512SUM0R)
++DECLARE_INSN(sha512sum1r, MATCH_SHA512SUM1R, MASK_SHA512SUM1R)
++DECLARE_INSN(sha512sig0, MATCH_SHA512SIG0, MASK_SHA512SIG0)
++DECLARE_INSN(sha512sig1, MATCH_SHA512SIG1, MASK_SHA512SIG1)
++DECLARE_INSN(sha512sum0, MATCH_SHA512SUM0, MASK_SHA512SUM0)
++DECLARE_INSN(sha512sum1, MATCH_SHA512SUM1, MASK_SHA512SUM1)
++DECLARE_INSN(pollentropyi, MATCH_POLLENTROPYI, MASK_POLLENTROPYI)
 +// Crypto ISE - End
  DECLARE_INSN(amoadd_w, MATCH_AMOADD_W, MASK_AMOADD_W)
  DECLARE_INSN(amoxor_w, MATCH_AMOXOR_W, MASK_AMOXOR_W)
  DECLARE_INSN(amoor_w, MATCH_AMOOR_W, MASK_AMOOR_W)
-diff --git a/riscv/insns/pollentropy.h b/riscv/insns/pollentropy.h
+diff --git a/riscv/insns/aes32dsi.h b/riscv/insns/aes32dsi.h
 new file mode 100644
-index 0000000..ce23097
---- /dev/null
-+++ b/riscv/insns/pollentropy.h
-@@ -0,0 +1,4 @@
-+
-+//
-+// TODO
-+//
-diff --git a/riscv/insns/saes32_decs.h b/riscv/insns/saes32_decs.h
-new file mode 100644
-index 0000000..9ba2e92
+index 0000000..7e76822
 --- /dev/null
-+++ b/riscv/insns/saes32_decs.h
++++ b/riscv/insns/aes32dsi.h
 @@ -0,0 +1,14 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +uint8_t     bs = insn.bs();
 +
@@ -154,14 +144,14 @@ index 0000000..9ba2e92
 +WRITE_RD(u ^ RS1);
 +
 +
-diff --git a/riscv/insns/saes32_decsm.h b/riscv/insns/saes32_decsm.h
+diff --git a/riscv/insns/aes32dsmi.h b/riscv/insns/aes32dsmi.h
 new file mode 100644
-index 0000000..ceacf0d
+index 0000000..96b4654
 --- /dev/null
-+++ b/riscv/insns/saes32_decsm.h
++++ b/riscv/insns/aes32dsmi.h
 @@ -0,0 +1,21 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +uint8_t     bs = insn.bs();
 +
@@ -181,14 +171,14 @@ index 0000000..ceacf0d
 +
 +
 +
-diff --git a/riscv/insns/saes32_encs.h b/riscv/insns/saes32_encs.h
+diff --git a/riscv/insns/aes32esi.h b/riscv/insns/aes32esi.h
 new file mode 100644
-index 0000000..9a3d08a
+index 0000000..fa05961
 --- /dev/null
-+++ b/riscv/insns/saes32_encs.h
++++ b/riscv/insns/aes32esi.h
 @@ -0,0 +1,14 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +uint8_t     bs = insn.bs();
 +
@@ -201,14 +191,14 @@ index 0000000..9a3d08a
 +WRITE_RD(u ^ RS1);
 +
 +
-diff --git a/riscv/insns/saes32_encsm.h b/riscv/insns/saes32_encsm.h
+diff --git a/riscv/insns/aes32esmi.h b/riscv/insns/aes32esmi.h
 new file mode 100644
-index 0000000..a5d606e
+index 0000000..bb7d086
 --- /dev/null
-+++ b/riscv/insns/saes32_encsm.h
++++ b/riscv/insns/aes32esmi.h
 @@ -0,0 +1,18 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +uint8_t     bs = insn.bs();
 +
@@ -225,14 +215,14 @@ index 0000000..a5d606e
 +
 +WRITE_RD(u ^ RS1);
 +
-diff --git a/riscv/insns/saes64_decs.h b/riscv/insns/saes64_decs.h
+diff --git a/riscv/insns/aes64ds.h b/riscv/insns/aes64ds.h
 new file mode 100644
-index 0000000..4e5212a
+index 0000000..b833b39
 --- /dev/null
-+++ b/riscv/insns/saes64_decs.h
++++ b/riscv/insns/aes64ds.h
 @@ -0,0 +1,20 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +require_rv64;
 +
@@ -251,14 +241,14 @@ index 0000000..4e5212a
 +
 +WRITE_RD(temp);
 +
-diff --git a/riscv/insns/saes64_decsm.h b/riscv/insns/saes64_decsm.h
+diff --git a/riscv/insns/aes64dsm.h b/riscv/insns/aes64dsm.h
 new file mode 100644
-index 0000000..122bb5f
+index 0000000..6ebb117
 --- /dev/null
-+++ b/riscv/insns/saes64_decsm.h
++++ b/riscv/insns/aes64dsm.h
 @@ -0,0 +1,29 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +require_rv64;
 +
@@ -286,14 +276,14 @@ index 0000000..122bb5f
 +WRITE_RD(result);
 +
 +
-diff --git a/riscv/insns/saes64_encs.h b/riscv/insns/saes64_encs.h
+diff --git a/riscv/insns/aes64es.h b/riscv/insns/aes64es.h
 new file mode 100644
-index 0000000..c8cac92
+index 0000000..32530c0
 --- /dev/null
-+++ b/riscv/insns/saes64_encs.h
++++ b/riscv/insns/aes64es.h
 @@ -0,0 +1,20 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +require_rv64;
 +
@@ -312,14 +302,14 @@ index 0000000..c8cac92
 +
 +WRITE_RD(temp);
 +
-diff --git a/riscv/insns/saes64_encsm.h b/riscv/insns/saes64_encsm.h
+diff --git a/riscv/insns/aes64esm.h b/riscv/insns/aes64esm.h
 new file mode 100644
-index 0000000..d72a223
+index 0000000..88645f9
 --- /dev/null
-+++ b/riscv/insns/saes64_encsm.h
++++ b/riscv/insns/aes64esm.h
 @@ -0,0 +1,28 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +require_rv64;
 +
@@ -346,14 +336,14 @@ index 0000000..d72a223
 +
 +WRITE_RD(result);
 +
-diff --git a/riscv/insns/saes64_imix.h b/riscv/insns/saes64_imix.h
+diff --git a/riscv/insns/aes64im.h b/riscv/insns/aes64im.h
 new file mode 100644
-index 0000000..a7d638a
+index 0000000..754535e
 --- /dev/null
-+++ b/riscv/insns/saes64_imix.h
++++ b/riscv/insns/aes64im.h
 @@ -0,0 +1,15 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +require_rv64;
 +
@@ -367,14 +357,14 @@ index 0000000..a7d638a
 +
 +WRITE_RD(result);
 +
-diff --git a/riscv/insns/saes64_ks1.h b/riscv/insns/saes64_ks1.h
+diff --git a/riscv/insns/aes64ks1i.h b/riscv/insns/aes64ks1i.h
 new file mode 100644
-index 0000000..cef20f7
+index 0000000..172b5ed
 --- /dev/null
-+++ b/riscv/insns/saes64_ks1.h
++++ b/riscv/insns/aes64ks1i.h
 @@ -0,0 +1,37 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +require_rv64;
 +
@@ -410,14 +400,14 @@ index 0000000..cef20f7
 +
 +WRITE_RD(result);
 +
-diff --git a/riscv/insns/saes64_ks2.h b/riscv/insns/saes64_ks2.h
+diff --git a/riscv/insns/aes64ks2.h b/riscv/insns/aes64ks2.h
 new file mode 100644
-index 0000000..317f7ef
+index 0000000..fcec177
 --- /dev/null
-+++ b/riscv/insns/saes64_ks2.h
++++ b/riscv/insns/aes64ks2.h
 @@ -0,0 +1,15 @@
 +
-+#include "saes_common.h"
++#include "aes_common.h"
 +
 +require_rv64;
 +
@@ -431,11 +421,11 @@ index 0000000..317f7ef
 +
 +WRITE_RD(result);
 +
-diff --git a/riscv/insns/saes_common.h b/riscv/insns/saes_common.h
+diff --git a/riscv/insns/aes_common.h b/riscv/insns/aes_common.h
 new file mode 100644
 index 0000000..9cc353c
 --- /dev/null
-+++ b/riscv/insns/saes_common.h
++++ b/riscv/insns/aes_common.h
 @@ -0,0 +1,156 @@
 +
 +uint8_t AES_ENC_SBOX[]= {
@@ -593,11 +583,21 @@ index 0000000..9cc353c
 +    AES_INVMIXBYTE(COL,0,1,2,3) <<  0   \
 +)
 +
-diff --git a/riscv/insns/ssha256_sig0.h b/riscv/insns/ssha256_sig0.h
+diff --git a/riscv/insns/pollentropyi.h b/riscv/insns/pollentropyi.h
+new file mode 100644
+index 0000000..ce23097
+--- /dev/null
++++ b/riscv/insns/pollentropyi.h
+@@ -0,0 +1,4 @@
++
++//
++// TODO
++//
+diff --git a/riscv/insns/sha256sig0.h b/riscv/insns/sha256sig0.h
 new file mode 100644
 index 0000000..af3d413
 --- /dev/null
-+++ b/riscv/insns/ssha256_sig0.h
++++ b/riscv/insns/sha256sig0.h
 @@ -0,0 +1,11 @@
 +
 +#define ROR32(a,amt) ((a << (-amt & (32-1))) | (a >> (amt & (32-1))))
@@ -610,11 +610,11 @@ index 0000000..af3d413
 +
 +#undef ROR32
 +
-diff --git a/riscv/insns/ssha256_sig1.h b/riscv/insns/ssha256_sig1.h
+diff --git a/riscv/insns/sha256sig1.h b/riscv/insns/sha256sig1.h
 new file mode 100644
 index 0000000..882a3e0
 --- /dev/null
-+++ b/riscv/insns/ssha256_sig1.h
++++ b/riscv/insns/sha256sig1.h
 @@ -0,0 +1,11 @@
 +
 +#define ROR32(a,amt) ((a << (-amt & (32-1))) | (a >> (amt & (32-1))))
@@ -627,11 +627,11 @@ index 0000000..882a3e0
 +
 +#undef ROR32
 +
-diff --git a/riscv/insns/ssha256_sum0.h b/riscv/insns/ssha256_sum0.h
+diff --git a/riscv/insns/sha256sum0.h b/riscv/insns/sha256sum0.h
 new file mode 100644
 index 0000000..4afbeec
 --- /dev/null
-+++ b/riscv/insns/ssha256_sum0.h
++++ b/riscv/insns/sha256sum0.h
 @@ -0,0 +1,11 @@
 +
 +#define ROR32(a,amt) ((a << (-amt & (32-1))) | (a >> (amt & (32-1))))
@@ -644,11 +644,11 @@ index 0000000..4afbeec
 +
 +#undef ROR32
 +
-diff --git a/riscv/insns/ssha256_sum1.h b/riscv/insns/ssha256_sum1.h
+diff --git a/riscv/insns/sha256sum1.h b/riscv/insns/sha256sum1.h
 new file mode 100644
 index 0000000..b91d3ab
 --- /dev/null
-+++ b/riscv/insns/ssha256_sum1.h
++++ b/riscv/insns/sha256sum1.h
 @@ -0,0 +1,11 @@
 +
 +#define ROR32(a,amt) ((a << (-amt & (32-1))) | (a >> (amt & (32-1))))
@@ -661,11 +661,11 @@ index 0000000..b91d3ab
 +
 +#undef ROR32
 +
-diff --git a/riscv/insns/ssha512_sig0.h b/riscv/insns/ssha512_sig0.h
+diff --git a/riscv/insns/sha512sig0.h b/riscv/insns/sha512sig0.h
 new file mode 100644
 index 0000000..0b490b0
 --- /dev/null
-+++ b/riscv/insns/ssha512_sig0.h
++++ b/riscv/insns/sha512sig0.h
 @@ -0,0 +1,12 @@
 +require_rv64;
 +
@@ -679,11 +679,11 @@ index 0000000..0b490b0
 +
 +#undef ROR64
 +
-diff --git a/riscv/insns/ssha512_sig0h.h b/riscv/insns/ssha512_sig0h.h
+diff --git a/riscv/insns/sha512sig0h.h b/riscv/insns/sha512sig0h.h
 new file mode 100644
 index 0000000..f6bf249
 --- /dev/null
-+++ b/riscv/insns/ssha512_sig0h.h
++++ b/riscv/insns/sha512sig0h.h
 @@ -0,0 +1,6 @@
 +
 +uint32_t result =
@@ -691,11 +691,11 @@ index 0000000..f6bf249
 +    ((uint32_t)RS2 << 31) ^                         ((uint32_t)RS2 << 24);
 +
 +WRITE_RD(zext_xlen(result));
-diff --git a/riscv/insns/ssha512_sig0l.h b/riscv/insns/ssha512_sig0l.h
+diff --git a/riscv/insns/sha512sig0l.h b/riscv/insns/sha512sig0l.h
 new file mode 100644
 index 0000000..eb3bd0e
 --- /dev/null
-+++ b/riscv/insns/ssha512_sig0l.h
++++ b/riscv/insns/sha512sig0l.h
 @@ -0,0 +1,6 @@
 +
 +uint32_t result =
@@ -703,11 +703,11 @@ index 0000000..eb3bd0e
 +    ((uint32_t)RS2 << 31) ^ ((uint32_t)RS2 << 25) ^ ((uint32_t)RS2 << 24);
 +
 +WRITE_RD(zext_xlen(result));
-diff --git a/riscv/insns/ssha512_sig1.h b/riscv/insns/ssha512_sig1.h
+diff --git a/riscv/insns/sha512sig1.h b/riscv/insns/sha512sig1.h
 new file mode 100644
 index 0000000..ab66c6a
 --- /dev/null
-+++ b/riscv/insns/ssha512_sig1.h
++++ b/riscv/insns/sha512sig1.h
 @@ -0,0 +1,12 @@
 +require_rv64;
 +
@@ -721,11 +721,11 @@ index 0000000..ab66c6a
 +
 +#undef ROR64
 +
-diff --git a/riscv/insns/ssha512_sig1h.h b/riscv/insns/ssha512_sig1h.h
+diff --git a/riscv/insns/sha512sig1h.h b/riscv/insns/sha512sig1h.h
 new file mode 100644
 index 0000000..4171156
 --- /dev/null
-+++ b/riscv/insns/ssha512_sig1h.h
++++ b/riscv/insns/sha512sig1h.h
 @@ -0,0 +1,6 @@
 +
 +uint32_t result =
@@ -733,11 +733,11 @@ index 0000000..4171156
 +    ((uint32_t)RS2 >> 29) ^                         ((uint32_t)RS2 << 13);
 +
 +WRITE_RD(zext_xlen(result));
-diff --git a/riscv/insns/ssha512_sig1l.h b/riscv/insns/ssha512_sig1l.h
+diff --git a/riscv/insns/sha512sig1l.h b/riscv/insns/sha512sig1l.h
 new file mode 100644
 index 0000000..b47affd
 --- /dev/null
-+++ b/riscv/insns/ssha512_sig1l.h
++++ b/riscv/insns/sha512sig1l.h
 @@ -0,0 +1,6 @@
 +
 +uint32_t result =
@@ -745,11 +745,11 @@ index 0000000..b47affd
 +    ((uint32_t)RS2 >> 29) ^ ((uint32_t)RS2 << 26) ^ ((uint32_t)RS2 << 13);
 +
 +WRITE_RD(zext_xlen(result));
-diff --git a/riscv/insns/ssha512_sum0.h b/riscv/insns/ssha512_sum0.h
+diff --git a/riscv/insns/sha512sum0.h b/riscv/insns/sha512sum0.h
 new file mode 100644
 index 0000000..ad2dc89
 --- /dev/null
-+++ b/riscv/insns/ssha512_sum0.h
++++ b/riscv/insns/sha512sum0.h
 @@ -0,0 +1,12 @@
 +require_rv64;
 +
@@ -763,11 +763,11 @@ index 0000000..ad2dc89
 +
 +#undef ROR64
 +
-diff --git a/riscv/insns/ssha512_sum0r.h b/riscv/insns/ssha512_sum0r.h
+diff --git a/riscv/insns/sha512sum0r.h b/riscv/insns/sha512sum0r.h
 new file mode 100644
 index 0000000..87a055b
 --- /dev/null
-+++ b/riscv/insns/ssha512_sum0r.h
++++ b/riscv/insns/sha512sum0r.h
 @@ -0,0 +1,6 @@
 +
 +uint32_t result =
@@ -775,11 +775,11 @@ index 0000000..87a055b
 +    ((uint32_t)RS2 >>  7) ^ ((uint32_t)RS2 >>  2) ^ ((uint32_t)RS2 <<  4);
 +
 +WRITE_RD(zext_xlen(result));
-diff --git a/riscv/insns/ssha512_sum1.h b/riscv/insns/ssha512_sum1.h
+diff --git a/riscv/insns/sha512sum1.h b/riscv/insns/sha512sum1.h
 new file mode 100644
 index 0000000..a2e555b
 --- /dev/null
-+++ b/riscv/insns/ssha512_sum1.h
++++ b/riscv/insns/sha512sum1.h
 @@ -0,0 +1,12 @@
 +require_rv64;
 +
@@ -793,11 +793,11 @@ index 0000000..a2e555b
 +
 +#undef ROR64
 +
-diff --git a/riscv/insns/ssha512_sum1r.h b/riscv/insns/ssha512_sum1r.h
+diff --git a/riscv/insns/sha512sum1r.h b/riscv/insns/sha512sum1r.h
 new file mode 100644
 index 0000000..edfe15c
 --- /dev/null
-+++ b/riscv/insns/ssha512_sum1r.h
++++ b/riscv/insns/sha512sum1r.h
 @@ -0,0 +1,6 @@
 +
 +uint32_t result =
@@ -805,11 +805,11 @@ index 0000000..edfe15c
 +    ((uint32_t)RS2 >>  9) ^ ((uint32_t)RS2 << 18) ^ ((uint32_t)RS2 << 14);
 +
 +WRITE_RD(result);
-diff --git a/riscv/insns/ssm3_p0.h b/riscv/insns/ssm3_p0.h
+diff --git a/riscv/insns/sm3p0.h b/riscv/insns/sm3p0.h
 new file mode 100644
 index 0000000..d0afc3d
 --- /dev/null
-+++ b/riscv/insns/ssm3_p0.h
++++ b/riscv/insns/sm3p0.h
 @@ -0,0 +1,9 @@
 +
 +#define ROL32(a,amt) ((a >> (-amt & (32-1))) | (a << (amt & (32-1))))
@@ -820,11 +820,11 @@ index 0000000..d0afc3d
 +
 +#undef ROR32
 +
-diff --git a/riscv/insns/ssm3_p1.h b/riscv/insns/ssm3_p1.h
+diff --git a/riscv/insns/sm3p1.h b/riscv/insns/sm3p1.h
 new file mode 100644
 index 0000000..f3b12d3
 --- /dev/null
-+++ b/riscv/insns/ssm3_p1.h
++++ b/riscv/insns/sm3p1.h
 @@ -0,0 +1,9 @@
 +
 +#define ROL32(a,amt) ((a >> (-amt & (32-1))) | (a << (amt & (32-1))))
@@ -835,11 +835,11 @@ index 0000000..f3b12d3
 +
 +#undef ROR32
 +
-diff --git a/riscv/insns/ssm4_common.h b/riscv/insns/ssm4_common.h
+diff --git a/riscv/insns/sm4_common.h b/riscv/insns/sm4_common.h
 new file mode 100644
 index 0000000..17f129f
 --- /dev/null
-+++ b/riscv/insns/ssm4_common.h
++++ b/riscv/insns/sm4_common.h
 @@ -0,0 +1,27 @@
 +
 +// SM4 forward SBox. SM4 has no inverse sbox.
@@ -868,14 +868,14 @@ index 0000000..17f129f
 +	0xD7, 0xCB, 0x39, 0x48
 +};
 +
-diff --git a/riscv/insns/ssm4_ed.h b/riscv/insns/ssm4_ed.h
+diff --git a/riscv/insns/sm4ed.h b/riscv/insns/sm4ed.h
 new file mode 100644
-index 0000000..312a137
+index 0000000..55e811d
 --- /dev/null
-+++ b/riscv/insns/ssm4_ed.h
++++ b/riscv/insns/sm4ed.h
 @@ -0,0 +1,20 @@
 +
-+#include "ssm4_common.h"
++#include "sm4_common.h"
 +
 +uint8_t  bs     = insn.bs();
 +
@@ -894,14 +894,14 @@ index 0000000..312a137
 +
 +WRITE_RD(result);
 +
-diff --git a/riscv/insns/ssm4_ks.h b/riscv/insns/ssm4_ks.h
+diff --git a/riscv/insns/sm4ks.h b/riscv/insns/sm4ks.h
 new file mode 100644
-index 0000000..390858b
+index 0000000..e95b735
 --- /dev/null
-+++ b/riscv/insns/ssm4_ks.h
++++ b/riscv/insns/sm4ks.h
 @@ -0,0 +1,18 @@
 +
-+#include "ssm4_common.h"
++#include "sm4_common.h"
 +
 +uint8_t  bs     = insn.bs();
 +
@@ -919,7 +919,7 @@ index 0000000..390858b
 +WRITE_RD(result);
 +
 diff --git a/riscv/riscv.mk.in b/riscv/riscv.mk.in
-index 4ee64fa..e1d1e40 100644
+index 4ee64fa..a7aa11d 100644
 --- a/riscv/riscv.mk.in
 +++ b/riscv/riscv.mk.in
 @@ -772,6 +772,37 @@ riscv_insn_priv = \
@@ -927,36 +927,36 @@ index 4ee64fa..e1d1e40 100644
  	wfi \
  
 +riscv_insn_crypto = \
-+    saes32_encsm \
-+    saes32_encs \
-+    saes32_decsm \
-+    saes32_decs \
-+    ssm4_ed \
-+    ssm4_ks \
-+    ssm3_p0 \
-+    ssm3_p1 \
-+    saes64_ks1 \
-+    saes64_ks2 \
-+    saes64_imix \
-+    saes64_encsm \
-+    saes64_encs \
-+    saes64_decsm \
-+    saes64_decs \
-+    ssha256_sig0 \
-+    ssha256_sig1 \
-+    ssha256_sum0 \
-+    ssha256_sum1 \
-+    ssha512_sig0l \
-+    ssha512_sig0h \
-+    ssha512_sig1l \
-+    ssha512_sig1h \
-+    ssha512_sum0r \
-+    ssha512_sum1r \
-+    ssha512_sig0 \
-+    ssha512_sig1 \
-+    ssha512_sum0 \
-+    ssha512_sum1 \
-+    pollentropy
++    aes32esmi \
++    aes32esi \
++    aes32dsmi \
++    aes32dsi \
++    sm4ed \
++    sm4ks \
++    sm3p0 \
++    sm3p1 \
++    aes64ks1i \
++    aes64ks2 \
++    aes64im \
++    aes64esm \
++    aes64es \
++    aes64dsm \
++    aes64ds \
++    sha256sig0 \
++    sha256sig1 \
++    sha256sum0 \
++    sha256sum1 \
++    sha512sig0l \
++    sha512sig0h \
++    sha512sig1l \
++    sha512sig1h \
++    sha512sum0r \
++    sha512sum1r \
++    sha512sig0 \
++    sha512sig1 \
++    sha512sum0 \
++    sha512sum1 \
++    pollentropyi
  
  riscv_insn_list = \
  	$(riscv_insn_ext_a) \