
sha1: ARM acceleration using stdarch intrinsics #257

Closed
4 tasks done
tarcieri opened this issue Apr 25, 2021 · 5 comments · Fixed by #596

Comments

tarcieri (Member) commented Apr 25, 2021

There are a number of issues and comments floating around about this, so I thought I'd make a single tracking issue for this.

Right now we have a separate asm-hashes repo containing assembly implementations of various hash functions.

Longer-term, it would be nice to have ARM implementations of hash functions using stdarch intrinsics, particularly if they provide similar performance via use of e.g. ARMv8 Cryptography Extensions. I was almost able to prototype a SHA-256 implementation this way:

https://gist.github.com/tarcieri/414a3300072160f372b5d93ccfce280b

There are a few notable blockers though:

  • some of the intrinsics we'd need are missing, e.g. vst1q_u32 and vreinterpretq_u8_u32 (added)
  • the stdarch intrinsics for ARM are unstable/nightly-only
  • there is presently no CI solution for e.g. Apple M1 (we can and already do use cross for more generic aarch64)
  • some way of gating the use of these intrinsics, e.g. via target_feature/RUSTFLAGS and/or runtime detection. see also cpufeatures: ARM support utils#378

I think we could move forward prototyping things like SHA-1 and SHA-256 using the stdarch intrinsics for the ARMv8 Cryptography Extensions, but we may just need to leave those as draft PRs for now, or if we do merge them potentially add something like a nightly feature to gate them under.
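As an added illustration of the gating discussed above (this is example code, not code from this repository or from the linked gist): the SHA-256 message-schedule expansion written once with the ARMv8 `vsha256su0q_u32`/`vsha256su1q_u32` intrinsics behind a `target_feature` function plus runtime `is_aarch64_feature_detected!`, and once in portable Rust, with the dispatcher falling back to the portable path on every other target. The function names `schedule_portable`, `schedule_sha2` and `expand_schedule` are assumptions for this example.

```rust
// Portable reference path, usable on every target (FIPS 180-4 sigma0/sigma1).
// Expands W[0..16] of one SHA-256 block into all 64 schedule words in place.
fn schedule_portable(w: &mut [u32; 64]) {
    for t in 16..64 {
        let x = w[t - 15];
        let s0 = x.rotate_right(7) ^ x.rotate_right(18) ^ (x >> 3);
        let y = w[t - 2];
        let s1 = y.rotate_right(17) ^ y.rotate_right(19) ^ (y >> 10);
        w[t] = s1.wrapping_add(w[t - 7]).wrapping_add(s0).wrapping_add(w[t - 16]);
    }
}

// ARMv8 Cryptography Extensions path, four schedule words per step. Only
// compiled on aarch64; `target_feature` lets the compiler emit SHA256SU0/SU1,
// so the function is `unsafe` and must only be called after runtime detection.
#[cfg(target_arch = "aarch64")]
#[target_feature(enable = "sha2")]
unsafe fn schedule_sha2(w: &mut [u32; 64]) {
    use core::arch::aarch64::*;
    for t in (16..64).step_by(4) {
        let w0 = vld1q_u32(w[t - 16..].as_ptr()); // W[t-16 .. t-13]
        let w1 = vld1q_u32(w[t - 12..].as_ptr()); // W[t-12 .. t-9]
        let w2 = vld1q_u32(w[t - 8..].as_ptr());  // W[t-8  .. t-5]
        let w3 = vld1q_u32(w[t - 4..].as_ptr());  // W[t-4  .. t-1]
        // SU0 adds sigma0(W[t-15..]) to W[t-16..]; SU1 adds W[t-7..] and sigma1(W[t-2..]).
        let tmp = vsha256su0q_u32(w0, w1);
        let next = vsha256su1q_u32(tmp, w2, w3);
        vst1q_u32(w[t..].as_mut_ptr(), next); // W[t .. t+3]
    }
}

/// Dispatch: use the CPU extension when the running core reports it, else portable.
pub fn expand_schedule(block: &[u32; 16]) -> [u32; 64] {
    let mut w = [0u32; 64];
    w[..16].copy_from_slice(block);
    #[cfg(target_arch = "aarch64")]
    {
        if std::arch::is_aarch64_feature_detected!("sha2") {
            // SAFETY: the `sha2` feature was just detected on this CPU.
            unsafe { schedule_sha2(&mut w) };
            return w;
        }
    }
    schedule_portable(&mut w);
    w
}
```

Both paths must agree word for word, so a unit test comparing `expand_schedule` against the portable function on a real aarch64 box (and under `cross` for generic aarch64 CI) is the cheap way to catch an intrinsic ordering mistake.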

@tarcieri tarcieri changed the title ARM acceleration (for e.g. SHA-1/SHA-256) using stdarch intrinsics sha1/sha2: ARM acceleration using stdarch intrinsics Jul 18, 2021
tarcieri (Member, Author) commented Oct 29, 2022

Here is a public domain implementation of SHA-256 using the ARMv8 intrinsics:

https://github.com/noloader/SHA-Intrinsics/blob/master/sha256-arm.c

I translated it in the aforementioned gist:

https://gist.github.com/tarcieri/414a3300072160f372b5d93ccfce280b

izik1 commented Oct 3, 2023

As a note: all of the intrinsics I've found used are stable for aarch64 as of 1.72. I went on a quest to figure that out, so I felt like sharing the results. (https://doc.rust-lang.org/stable/core/arch/aarch64/fn.vsha256hq_u32.html is one of them; the rest I checked are also there. Note that it says 1.72.1; it was actually stabilized in 1.72.0, but the version tagging and changelogging got missed, and it currently just says whatever version stable is.)

tarcieri (Member, Author) commented Oct 3, 2023

Yeah, we managed to make both aes and polyval support stable when using ARMv8 intrinsics.

It seems my little port of the SHA-256 intrinsics went by the wayside, but we should do something similar for that.

Oh, never mind, it's there, it's just using ASM "polyfills". We can bump to MSRV 1.72 in the next breaking release:

https://github.com/RustCrypto/hashes/blob/master/sha2/src/sha256/aarch64.rs

@tarcieri tarcieri changed the title sha1/sha2: ARM acceleration using stdarch intrinsics sha1: ARM acceleration using stdarch intrinsics Oct 9, 2023
tarcieri (Member, Author) commented Oct 9, 2023

I removed sha2 from the issue title as it's effectively complete aside from removing the ASM polyfills.

sha1 is still using an ASM backend rather than intrinsics: https://github.com/RustCrypto/hashes/blob/1b4a55c/sha1/src/compress/aarch64.rs#L14

newpavlov (Member) commented

Dependency on asm-hashes was removed recently in preparation for v0.11 releases, so it's worth porting the assembly to asm!.
