Skip to content

Commit

Permalink
Merge pull request #8298 from daverodgman/sha-armce-thumb2
Browse files Browse the repository at this point in the history
Support SHA256 acceleration on Armv8 thumb2 and arm
  • Loading branch information
daverodgman authored Oct 24, 2023
2 parents a675ef8 + 5145902 commit d69d3cd
Show file tree
Hide file tree
Showing 9 changed files with 258 additions and 80 deletions.
7 changes: 7 additions & 0 deletions ChangeLog.d/sha256-armce-arm.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
Features
* Support Armv8-A Crypto Extension acceleration for SHA-256
when compiling for Thumb (T32) or 32-bit Arm (A32).
New deprecations
* Rename the MBEDTLS_SHA256_USE_A64_CRYPTO_xxx config options to
MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_xxx. The old names may still
be used, but are deprecated.
16 changes: 16 additions & 0 deletions include/mbedtls/build_info.h
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,22 @@
#define MBEDTLS_ARCH_IS_X86
#endif

/* This is defined if the architecture is Armv8-A, or higher */
#if !defined(MBEDTLS_ARCH_IS_ARMV8_A)
#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE)
#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A')
/* GCC, clang, armclang and IAR */
#define MBEDTLS_ARCH_IS_ARMV8_A
#endif
#elif defined(__ARM_ARCH_8A)
/* Alternative defined by clang */
#define MBEDTLS_ARCH_IS_ARMV8_A
#elif defined(_M_ARM64) || defined(_M_ARM64EC)
/* MSVC ARM64 is at least Armv8.0-A */
#define MBEDTLS_ARCH_IS_ARMV8_A
#endif
#endif

#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
#define _CRT_SECURE_NO_DEPRECATE 1
#endif
Expand Down
19 changes: 9 additions & 10 deletions include/mbedtls/check_config.h
Original file line number Diff line number Diff line change
Expand Up @@ -849,25 +849,24 @@
#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"
#endif

#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \
defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)
#error "Must only define one of MBEDTLS_SHA256_USE_A64_CRYPTO_*"
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \
defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*"
#endif

#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) || \
defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY)
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \
defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
#if !defined(MBEDTLS_SHA256_C)
#error "MBEDTLS_SHA256_USE_A64_CRYPTO_* defined without MBEDTLS_SHA256_C"
#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C"
#endif
#if defined(MBEDTLS_SHA256_ALT) || defined(MBEDTLS_SHA256_PROCESS_ALT)
#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_A64_CRYPTO_*"
#error "MBEDTLS_SHA256_*ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*"
#endif

#endif

#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && \
!defined(__aarch64__) && !defined(_M_ARM64)
#error "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A)
#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY defined on non-Armv8-A system"
#endif

/* TLS 1.3 requires separate HKDF parts from PSA,
Expand Down
10 changes: 10 additions & 0 deletions include/mbedtls/config_adjust_legacy_crypto.h
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,16 @@
#define MBEDTLS_CIPHER_PADDING_PKCS7
#endif

/* Backwards compatibility for some macros which were renamed to reflect that
* they are related to Armv8, not aarch64. */
#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT) && \
!defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT)
#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
#endif
#if defined(MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY) && !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
#endif

#if (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_GCM_C)) || \
(defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_GCM))
#define MBEDTLS_SSL_HAVE_GCM
Expand Down
48 changes: 37 additions & 11 deletions include/mbedtls/mbedtls_config.h
Original file line number Diff line number Diff line change
Expand Up @@ -3270,59 +3270,85 @@
#define MBEDTLS_SHA256_C

/**
* \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
* \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
*
* Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms
* with the ARMv8 cryptographic extensions if they are available at runtime.
* If not, the library will fall back to the C implementation.
*
* \note If MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT is defined when building
* for a non-Aarch64 build it will be silently ignored.
* \note If MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT is defined when building
* for a non-Armv8-A build it will be silently ignored.
*
* \note Minimum compiler versions for this feature are Clang 4.0,
* armclang 6.6 or GCC 6.0.
*
* \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for
* armclang <= 6.9
*
* \warning MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT cannot be defined at the
* same time as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY.
* \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT.
* That name is deprecated, but may still be used as an alternative form for this
* option.
*
* \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT cannot be defined at the
* same time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY.
*
* Requires: MBEDTLS_SHA256_C.
*
* Module: library/sha256.c
*
* Uncomment to have the library check for the A64 SHA-256 crypto extensions
* Uncomment to have the library check for the Armv8-A SHA-256 crypto extensions
* and use them if available.
*/
//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT

/**
* \def MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
*
* \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT.
* This name is now deprecated, but may still be used as an alternative form for
* this option.
*/
//#define MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT

/**
* \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
* \def MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
*
* Enable acceleration of the SHA-256 and SHA-224 cryptographic hash algorithms
* with the ARMv8 cryptographic extensions, which must be available at runtime
* or else an illegal instruction fault will occur.
*
* \note This allows builds with a smaller code size than with
* MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
* MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
*
* \note Minimum compiler versions for this feature are Clang 4.0,
* armclang 6.6 or GCC 6.0.
*
* \note \c CFLAGS must be set to a minimum of \c -march=armv8-a+crypto for
* armclang <= 6.9
*
* \warning MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY cannot be defined at the same
* time as MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT.
* \note This was previously known as MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY.
* That name is deprecated, but may still be used as an alternative form for this
* option.
*
* \warning MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY cannot be defined at the same
* time as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT.
*
* Requires: MBEDTLS_SHA256_C.
*
* Module: library/sha256.c
*
* Uncomment to have the library use the A64 SHA-256 crypto extensions
* Uncomment to have the library use the Armv8-A SHA-256 crypto extensions
* unconditionally.
*/
//#define MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY

/**
* \def MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
*
* \deprecated This is now known as MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY.
* This name is now deprecated, but may still be used as an alternative form for
* this option.
*/
//#define MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY

/**
Expand Down
Loading

0 comments on commit d69d3cd

Please sign in to comment.