Merge pull request #5632 from tom-cosgrove-arm/seclib-667-sha512-acceleration-mbedtls-internal
SECLIB-667: Accelerate SHA-512 with A64 crypto extensions
This commit is contained in:
Dave Rodgman
GitHub
commit
1c41501949
7 changed files with 563 additions and 19 deletions
|
|
@ -605,6 +605,61 @@
|
|||
#error "MBEDTLS_SHA384_C defined without MBEDTLS_SHA512_C"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \
|
||||
defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
|
||||
#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \
|
||||
defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
|
||||
#if !defined(MBEDTLS_SHA512_C)
|
||||
#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C"
|
||||
#endif
|
||||
#if defined(MBEDTLS_SHA512_ALT) || defined(MBEDTLS_SHA512_PROCESS_ALT)
|
||||
#error "MBEDTLS_SHA512_*ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*"
|
||||
#endif
|
||||
/*
|
||||
* Best performance comes from most recent compilers, with intrinsics and -O3.
|
||||
* Must compile with -march=armv8.2-a+sha3, but we can't detect armv8.2-a, and
|
||||
* can't always detect __ARM_FEATURE_SHA512 (notably clang 7-12).
|
||||
*
|
||||
* GCC < 8 won't work at all (lacks the sha512 instructions)
|
||||
* GCC >= 8 uses intrinsics, sets __ARM_FEATURE_SHA512
|
||||
*
|
||||
* Clang < 7 won't work at all (lacks the sha512 instructions)
|
||||
* Clang 7-12 don't have intrinsics (but we work around that with inline
|
||||
* assembler) or __ARM_FEATURE_SHA512
|
||||
* Clang == 13.0.0 same as clang 12 (only seen on macOS)
|
||||
* Clang >= 13.0.1 has __ARM_FEATURE_SHA512 and intrinsics
|
||||
*/
|
||||
#if defined(__aarch64__) && !defined(__ARM_FEATURE_SHA512)
|
||||
/* Test Clang first, as it defines __GNUC__ */
|
||||
# if defined(__clang__)
|
||||
# if __clang_major__ < 7
|
||||
# error "A more recent Clang is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
|
||||
# elif __clang_major__ < 13 || \
|
||||
(__clang_major__ == 13 && __clang_minor__ == 0 && __clang_patchlevel__ == 0)
|
||||
/* We implement the intrinsics with inline assembler, so don't error */
|
||||
# else
|
||||
# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
|
||||
# endif
|
||||
# elif defined(__GNUC__)
|
||||
# if __GNUC__ < 8
|
||||
# error "A more recent GCC is required for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
|
||||
# else
|
||||
# error "Must use minimum -march=armv8.2-a+sha3 for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
|
||||
# endif
|
||||
# else
|
||||
# error "Only GCC and Clang supported for MBEDTLS_SHA512_USE_A64_CRYPTO_*"
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */
|
||||
|
||||
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__)
|
||||
#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SHA224_C) && !defined(MBEDTLS_SHA256_C)
|
||||
#error "MBEDTLS_SHA224_C defined without MBEDTLS_SHA256_C"
|
||||
#endif
|
||||
|
|
|
|||
|
|
@ -2840,6 +2840,60 @@
|
|||
*/
|
||||
#define MBEDTLS_SHA512_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
|
||||
*
|
||||
* Enable acceleration of the SHA-512 cryptographic hash algorithm with the
|
||||
* Arm A64 cryptographic extensions if they are available at runtime. If not,
|
||||
* it will fall back to the C implementation.
|
||||
*
|
||||
* \note If MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT is defined when building
|
||||
* for a non-Aarch64 build it will be silently ignored.
|
||||
*
|
||||
* \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or
|
||||
* Clang >= 7, and \c CFLAGS must be set to a minimum of
|
||||
* \c -march=armv8.2-a+sha3. An optimisation level of \c -O3 generates the
|
||||
* fastest code.
|
||||
*
|
||||
* \warning MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the
|
||||
* same time as MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY.
|
||||
*
|
||||
* Requires: MBEDTLS_SHA512_C.
|
||||
*
|
||||
* Module: library/sha512.c
|
||||
*
|
||||
* Uncomment to have the library check for the A64 SHA-512 crypto extensions
|
||||
* and use them if available.
|
||||
*/
|
||||
//#define MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
|
||||
*
|
||||
* Enable acceleration of the SHA-512 cryptographic hash algorithm with the
|
||||
* Arm A64 cryptographic extensions, which must be available at runtime (or
|
||||
* an illegal instruction fault will occur).
|
||||
*
|
||||
* \note This allows builds with a smaller code size than with
|
||||
* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
|
||||
*
|
||||
* \note The code uses the SHA-512 Neon intrinsics, so requires GCC >= 8 or
|
||||
* Clang >= 7, and \c CFLAGS must be set to a minimum of
|
||||
* \c -march=armv8.2-a+sha3. An optimisation level of \c -O3 generates the
|
||||
* fastest code.
|
||||
*
|
||||
* \warning MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY cannot be defined at the same
|
||||
* time as MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT.
|
||||
*
|
||||
* Requires: MBEDTLS_SHA512_C.
|
||||
*
|
||||
* Module: library/sha512.c
|
||||
*
|
||||
* Uncomment to have the library use the A64 SHA-512 crypto extensions
|
||||
* unconditionally.
|
||||
*/
|
||||
//#define MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_SSL_CACHE_C
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue