Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement much faster sha256 and sha512. #41

Closed
wants to merge 11 commits into from
Closed

Implement much faster sha256 and sha512. #41

Show file tree
Hide file tree
Changes from 10 commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
57ef977
Add sha256-avx2 and sha256-ni
0xdeafbeef Aug 29, 2021
354bc0c
Implement fast SHA-512 with AVX2 instructions
0xdeafbeef Aug 29, 2021
d80c79a
Update build.rs
0xdeafbeef Aug 29, 2021
c7dd9e5
Cleanup
0xdeafbeef Aug 29, 2021
c705ae2
Add runtime feature detection. Update build
0xdeafbeef Aug 29, 2021
e17dee4
Refactor
0xdeafbeef Aug 30, 2021
b685df3
Fix not linux os build
0xdeafbeef Aug 30, 2021
9ad48b8
Update
0xdeafbeef Sep 4, 2021
efec464
Refactor build script
0xdeafbeef Sep 5, 2021
99627cf
Small fix
0xdeafbeef Sep 6, 2021
43813ab
Fix issues
0xdeafbeef Sep 8, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 17 additions & 1 deletion Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions sha2/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,8 @@ keywords = ["crypto", "sha2", "asm"]
categories = ["cryptography", "no-std"]
edition = "2018"

[dependencies]
cpufeatures = "0.2"

[build-dependencies]
cc = "1.0"
26 changes: 18 additions & 8 deletions sha2/build.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,27 +3,37 @@ fn main() {

let target_arch = env::var("CARGO_CFG_TARGET_ARCH").unwrap_or_default();
let target_vendor = env::var("CARGO_CFG_TARGET_VENDOR").unwrap_or_default();

let target_os = env::var("CARGO_CFG_TARGET_OS").unwrap_or_default();
let mut build256 = cc::Build::new();
let (sha256_path, sha512_path) = if target_arch == "x86" {
("src/sha256_x86.S", "src/sha512_x86.S")
let (sha256_path, sha512_path): (&[&str], &[&str]) = if target_arch == "x86" {
(&["src/sha256_x86.S"], &["src/sha512_x86.S"])
} else if target_arch == "x86_64" {
("src/sha256_x64.S", "src/sha512_x64.S")
if target_os == "linux" {
(
&["src/sha256_x64_avx2.S", "src/sha256_x64.S"],
&["src/sha512_x64_avx2.S", "src/sha512_x64.S"],
)
} else {
(&["src/sha256_x64.S"], &["src/sha512_x64.S"])
}
} else if target_arch == "aarch64" && target_vendor == "apple" {
build256.flag("-march=armv8-a+crypto");
("src/sha256_aarch64_apple.S", "")
(&["src/sha256_aarch64_apple.S"], &[""])
} else if target_arch == "aarch64" {
build256.flag("-march=armv8-a+crypto");
("src/sha256_aarch64.S", "")
(&["src/sha256_aarch64.S"], &[""])
} else {
panic!("Unsupported target architecture");
};

if target_arch != "aarch64" {
cc::Build::new()
.flag("-c")
.file(sha512_path)
.files(sha512_path)
.compile("libsha512.a");
}
build256.flag("-c").file(sha256_path).compile("libsha256.a");
build256
.flag("-c")
.files(sha256_path)
.compile("libsha256.a");
}
29 changes: 25 additions & 4 deletions sha2/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,23 +13,37 @@
#[cfg(not(any(target_arch = "x86_64", target_arch = "x86", target_arch = "aarch64")))]
compile_error!("crate can only be used on x86, x86-64 and aarch64 architectures");

cpufeatures::new!(cpuid_avx2, "avx2");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gate this line on #[cfg(any(target_arch = "x86_64", target_arch = "x86"))]. Otherwise it causes compilation failure on Aarch64 targets.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You forgot to modify the compress256 function (see the CI failure). Currently it tries to use the cpuid_avx2 module on all targets. I think the easiest solution would be to introduce two function with the same name one gated on x86(-64) and another one on AArch64.


#[link(name = "sha256", kind = "static")]
#[allow(dead_code)]
extern "C" {
fn sha256_compress(state: &mut [u32; 8], block: &[u8; 64]);
fn sha256_transform_rorx(state: &mut [u32; 8], block: *const [u8; 64], num_blocks: u64);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You forgot to change num_blocks to usize here. Also we probably should change sha256_compress to explicit pointer and length as well (same for sha512_compress). IIRC memory layout of slices is not guaranteed.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems like it's guaranteed

Copy link
Member

@newpavlov newpavlov Sep 8, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Your link talks about layout of slice itself (i.e. about how elements of a slice a stored in memory). In this context it's more about ABI guarantees, i.e. I don't think it's currently guaranteed that val: &[u8; 16] is equivalent to val_ptr: *const [u8; 16], len: usize when used in extern "C" fns. Can you please modify the signature just to be extra safe?

}

/// Safe wrapper around assembly implementation of SHA256 compression function
///
#[inline]
pub fn compress256(state: &mut [u32; 8], blocks: &[[u8; 64]]) {
for block in blocks {
unsafe { sha256_compress(state, block) }
let token: cpuid_avx2::InitToken = cpuid_avx2::init();

if token.get() {
if !blocks.is_empty() {
unsafe { sha256_transform_rorx(state, blocks.as_ptr(), blocks.len() as u64) }
}
} else {
for block in blocks {
unsafe { sha256_compress(state, block) }
}
}
}

#[cfg(not(target_arch = "aarch64"))]
#[link(name = "sha512", kind = "static")]
extern "C" {
fn sha512_compress(state: &mut [u64; 8], block: &[u8; 128]);
fn sha512_transform_rorx(state: &mut [u64; 8], block: *const [u8; 128], num_blocks: usize);
}

/// Safe wrapper around assembly implementation of SHA512 compression function
Expand All @@ -38,7 +52,14 @@ extern "C" {
#[cfg(not(target_arch = "aarch64"))]
#[inline]
pub fn compress512(state: &mut [u64; 8], blocks: &[[u8; 128]]) {
for block in blocks {
unsafe { sha512_compress(state, block) }
let token: cpuid_avx2::InitToken = cpuid_avx2::init();
if token.get() {
if !blocks.is_empty() {
unsafe { sha512_transform_rorx(state, blocks.as_ptr(), blocks.len()) }
}
} else {
for block in blocks {
unsafe { sha512_compress(state, block) }
}
}
}
Loading