From bef1ae5f3c7199f2ef4035fee8465c6339ebdee8 Mon Sep 17 00:00:00 2001 From: Ed Tubbs Date: Tue, 15 Jun 2021 22:12:59 -0500 Subject: [PATCH] Commit changes to SHA sources Added nasm and intel-ipsec-mb to depends Added remote_digest_init.patch Added argument and checks to configure.ac Make nasm a native dependency --- .github/workflows/ci.yml | 4 ++-- configure.ac | 7 +++++++ depends/packages/intel-ipsec-mb.mk | 19 +++++++++++++++++ depends/packages/native_nasm.mk | 21 +++++++++++++++++++ depends/packages/packages.mk | 3 +++ .../intel-ipsec-mb/remove_digest_init.patch | 13 ++++++++++++ src/crypto/sha1.cpp | 17 +++++++++++++++ src/crypto/sha256.cpp | 13 ++++++++++++ src/crypto/sha512.cpp | 14 +++++++++++++ 9 files changed, 109 insertions(+), 2 deletions(-) create mode 100644 depends/packages/intel-ipsec-mb.mk create mode 100644 depends/packages/native_nasm.mk create mode 100644 depends/patches/intel-ipsec-mb/remove_digest_init.patch diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bb7614f8a..1d6f99224 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -92,7 +92,7 @@ jobs: sudo update-binfmts --import /usr/share/binfmts/wine run-tests: true dep-opts: "" - config-opts: "--enable-reduce-exports --enable-gui=qt5" + config-opts: "CC=x86_64-w64-mingw32-gcc LIBS=-lIPSec_MB --enable-reduce-exports --enable-gui=qt5" goal: install - name: x86_64-macos host: x86_64-apple-darwin11 @@ -115,7 +115,7 @@ jobs: - name: Install packages run: | sudo apt-get update - sudo apt-get install build-essential libtool autotools-dev automake pkg-config bsdmainutils curl ca-certificates ccache python3 rsync git procps bison + sudo apt-get install build-essential libtool autotools-dev automake pkg-config bsdmainutils curl ca-certificates ccache python3 rsync git procps bison nasm sudo apt-get install ${{ matrix.packages }} - name: Post install diff --git a/configure.ac b/configure.ac index 9d1148e64..474db9f8d 100644 --- a/configure.ac +++ b/configure.ac 
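Review bot: In the mingw job's `config-opts`, `LIBS=-lIPSec_MB` links a library that nothing visible in this commit builds for that host: `depends/packages/packages.mk` adds `intel-ipsec-mb` only to `x86_64_linux_packages`, and the `configure.ac` check is limited to `x86_64-*-linux*`. Whatever copy the linker finds on the runner, if any, is therefore covered neither by the depends hash pin nor by `remove_digest_init.patch`, which the new `Transform()` code appears to rely on. Either build the patched library through depends for this host as well, or keep the legacy hash path on hosts where depends does not provide it.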
@@ -785,6 +785,13 @@ fi fi +case $host in + x86_64-*-linux*) + AC_CHECK_LIB([IPSec_MB],[sha1_one_block_avx2],LIBS=-lIPSec_MB, AC_MSG_ERROR(IPSec_MB missing)) + AC_CHECK_LIB([IPSec_MB],[sha256_one_block_avx2],LIBS=-lIPSec_MB, AC_MSG_ERROR(IPSec_MB missing)) + AC_CHECK_LIB([IPSec_MB],[sha512_one_block_avx2],LIBS=-lIPSec_MB, AC_MSG_ERROR(IPSec_MB missing)) +esac + if test x$use_pkgconfig = xyes; then : dnl m4_ifdef( diff --git a/depends/packages/intel-ipsec-mb.mk b/depends/packages/intel-ipsec-mb.mk new file mode 100644 index 000000000..881803fb1 --- /dev/null +++ b/depends/packages/intel-ipsec-mb.mk @@ -0,0 +1,19 @@ +package=intel-ipsec-mb +$(package)_version=1.0 +$(package)_download_path=https://github.com/intel/intel-ipsec-mb/archive/refs/tags +$(package)_file_name=v$($(package)_version).tar.gz +$(package)_sha256_hash=03501aea472d3c8fdf8f1f207816eefeaf5e4ebbdc71d88dcb26b2519841bb74 +$(package)_patches=remove_digest_init.patch +$(package)_dependencies=native_nasm + +define $(package)_preprocess_cmds + patch -p1 < $($(package)_patch_dir)/remove_digest_init.patch +endef + +define $(package)_build_cmds + $(MAKE) NASM=$(build_prefix)/bin/nasm +endef + +define $(package)_stage_cmds + $(MAKE) NASM=$(build_prefix)/bin/nasm PREFIX=$($(package)_staging_prefix_dir) SHARED=n NOLDCONFIG=y install +endef diff --git a/depends/packages/native_nasm.mk b/depends/packages/native_nasm.mk new file mode 100644 index 000000000..b205279f3 --- /dev/null +++ b/depends/packages/native_nasm.mk 
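Review bot: The three `AC_CHECK_LIB` calls only prove that a symbol named `sha*_one_block_avx2` exists, so a stock libIPSec_MB passes even though the new `Transform()` functions seem to depend on the behaviour introduced by `remove_digest_init.patch` (no state re-initialisation per block). With an unpatched library the build would succeed and presumably produce wrong digests for any input longer than one block, so a known-answer check is worth adding, for example a multi-block SHA-256 test vector verified in the unit tests or at startup. Separately, `LIBS=-lIPSec_MB` replaces whatever `LIBS` already held; `[LIBS="-lIPSec_MB $LIBS"]` keeps earlier entries, and the failure action is safer quoted as `[AC_MSG_ERROR([IPSec_MB missing])]`.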
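Review bot: Nothing in this package file says why `remove_digest_init.patch` is applied, and that reason is load-bearing: the patch comments out `sha_generic_init()` in `sha_generic_1block()`, so the exported one-block functions continue from the caller's state instead of starting a fresh hash. A later version bump that drops the patch, or applies it to a changed header, would look like a routine update while changing what the hashing code computes. I would add a comment above `$(package)_patches`, e.g. `# remove_digest_init.patch: one-block SHA functions must keep the caller's state; Transform() in src/crypto/sha*.cpp depends on this`.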
@@ -0,0 +1,21 @@ +package=native_nasm +$(package)_version=2.15.05 +$(package)_download_path=http://nasm.us/pub/nasm/releasebuilds/$($(package)_version) +$(package)_file_name=nasm-$($(package)_version).tar.bz2 +$(package)_sha256_hash=3c4b8339e5ab54b1bcb2316101f8985a5da50a3f9e504d43fa6f35668bee2fd0 + +define $(package)_config_cmds + $($(package)_autoconf) +endef + +define $(package)_build_cmds + $(MAKE) +endef + +define $(package)_stage_cmds + $(MAKE) DESTDIR=$($(package)_staging_dir) install +endef + +define $(package)_postprocess_cmds + rm -rf share +endef diff --git a/depends/packages/packages.mk b/depends/packages/packages.mk index 42481389f..5d35644d3 100644 --- a/depends/packages/packages.mk +++ b/depends/packages/packages.mk @@ -1,6 +1,9 @@ packages:=boost openssl libevent zeromq native_packages := native_ccache +x86_64_linux_native_packages:=native_nasm +x86_64_linux_packages:=intel-ipsec-mb + qt_native_packages = native_protobuf qt_packages = qrencode protobuf zlib diff --git a/depends/patches/intel-ipsec-mb/remove_digest_init.patch b/depends/patches/intel-ipsec-mb/remove_digest_init.patch new file mode 100644 index 000000000..0a8a5f3ba --- /dev/null +++ b/depends/patches/intel-ipsec-mb/remove_digest_init.patch @@ -0,0 +1,13 @@ +diff -dur a/lib/include/sha_generic.h b/lib/include/sha_generic.h +index 3752546..77efd91 100644 +--- a/lib/include/sha_generic.h ++++ b/lib/include/sha_generic.h +@@ -308,7 +308,7 @@ void sha_generic_1block(const void *data, void *digest, + if (data == NULL || digest == NULL) + return; + #endif +- sha_generic_init(digest, sha_type); ++// sha_generic_init(digest, sha_type); + sha_generic_one_block(data, digest, is_avx, sha_type); + #ifdef SAFE_DATA + clear_scratch_gps(); diff --git a/src/crypto/sha1.cpp b/src/crypto/sha1.cpp index 0b895b33a..0b767e530 100644 --- a/src/crypto/sha1.cpp +++ b/src/crypto/sha1.cpp 
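Review bot: `$(package)_download_path` fetches the assembler over plain HTTP (`http://nasm.us/...`). The `_sha256_hash` pin should still reject a tampered tarball, but that leaves the hash check as the only protection for a tool that assembles the SHA code linked into the binary; `$(package)_download_path=https://www.nasm.us/pub/nasm/releasebuilds/$($(package)_version)` adds transport integrity as well. The intel-ipsec-mb package added in the same commit already downloads over https.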
@@ -8,12 +8,19 @@ #include +#if defined(__x86_64__) +#define USE_AVX2 +#include +#endif + // Internal implementation code. namespace { /// Internal SHA-1 implementation. namespace sha1 { + +#ifndef USE_AVX2 /** One round of SHA-1. */ void inline Round(uint32_t a, uint32_t& b, uint32_t c, uint32_t d, uint32_t& e, uint32_t f, uint32_t k, uint32_t w) { @@ -26,6 +33,7 @@ uint32_t inline f2(uint32_t b, uint32_t c, uint32_t d) { return b ^ c ^ d; } uint32_t inline f3(uint32_t b, uint32_t c, uint32_t d) { return (b & c) | (d & (b | c)); } uint32_t inline left(uint32_t x) { return (x << 1) | (x >> 31); } +#endif /** Initialize SHA-1 state. */ void inline Initialize(uint32_t* s) @@ -45,6 +53,12 @@ const uint32_t k4 = 0xCA62C1D6ul; /** Perform a SHA-1 transformation, processing a 64-byte chunk. */ void Transform(uint32_t* s, const unsigned char* chunk) { +#ifdef USE_AVX2 + // Perform SHA1 one block (Intel AVX2) + sha1_one_block_avx2(chunk, s); +#else + // Perform SHA one block (legacy) + uint32_t a = s[0], b = s[1], c = s[2], d = s[3], e = s[4]; uint32_t w0, w1, w2, w3, w4, w5, w6, w7, w8, w9, w10, w11, w12, w13, w14, w15; @@ -138,6 +152,9 @@ void Transform(uint32_t* s, const unsigned char* chunk) s[2] += c; s[3] += d; s[4] += e; + +#endif + } } // namespace sha1 diff --git a/src/crypto/sha256.cpp b/src/crypto/sha256.cpp index 5b9f00a0a..2e85a98d0 100644 --- a/src/crypto/sha256.cpp +++ b/src/crypto/sha256.cpp @@ -8,12 +8,18 @@ #include +#if defined(__x86_64__) +#define USE_AVX2 +#include +#endif + // Internal implementation code. namespace { /// Internal SHA-256 implementation. namespace sha256 { +#ifndef USE_AVX2 uint32_t inline Ch(uint32_t x, uint32_t y, uint32_t z) { return z ^ (x & (y ^ z)); } uint32_t inline Maj(uint32_t x, uint32_t y, uint32_t z) { return (x & y) | (z & (x | y)); } uint32_t inline Sigma0(uint32_t x) { return (x >> 2 | x << 30) ^ (x >> 13 | x << 19) ^ (x >> 22 | x << 10); } 
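Review bot: `Transform()` calls `sha1_one_block_avx2()` unconditionally whenever `USE_AVX2` is set, and the first hunk of this file sets it for every `__x86_64__` build, so the path is chosen from the target architecture at compile time rather than from what the running CPU supports. An x86-64 processor without AVX2 would presumably fault on the first hash, and because the legacy rounds are compiled out by the `#ifndef USE_AVX2` / `#else` guards there is no fallback. The same pattern is in the `Transform()` hunks of src/crypto/sha256.cpp and src/crypto/sha512.cpp. I would keep the legacy code compiled in and select the library path at run time, as sketched below (`__builtin_cpu_supports` is a GCC/Clang builtin); Transform's body continues outside the hunk.

```cpp
void Transform(uint32_t* s, const unsigned char* chunk)
{
#ifdef USE_AVX2
    // Take the library path only when the running CPU reports AVX2.
    static const bool have_avx2 = __builtin_cpu_supports("avx2");
    if (have_avx2) {
        sha1_one_block_avx2(chunk, s);
        return;
    }
#endif
    // … unchanged: legacy SHA-1 rounds, now always compiled (drop the #ifndef USE_AVX2 / #else guards) …
```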
@@ -29,6 +35,7 @@ void inline Round(uint32_t a, uint32_t b, uint32_t c, uint32_t& d, uint32_t e, u d += t1; h = t1 + t2; } +#endif /** Initialize SHA-256 state. */ void inline Initialize(uint32_t* s) @@ -46,6 +53,11 @@ void inline Initialize(uint32_t* s) /** Perform one SHA-256 transformation, processing a 64-byte chunk. */ void Transform(uint32_t* s, const unsigned char* chunk) { +#ifdef USE_AVX2 + // Perform SHA256 one block (Intel AVX2) + sha256_one_block_avx2(chunk, s); +#else + // Perform SHA256 one block (legacy) uint32_t a = s[0], b = s[1], c = s[2], d = s[3], e = s[4], f = s[5], g = s[6], h = s[7]; uint32_t w0, w1, w2, w3, w4, w5, w6, w7, w8, w9, w10, w11, w12, w13, w14, w15; @@ -125,6 +137,7 @@ void Transform(uint32_t* s, const unsigned char* chunk) s[5] += f; s[6] += g; s[7] += h; +#endif } } // namespace sha256 diff --git a/src/crypto/sha512.cpp b/src/crypto/sha512.cpp index 564127cc3..6b02d6d67 100644 --- a/src/crypto/sha512.cpp +++ b/src/crypto/sha512.cpp @@ -8,12 +8,18 @@ #include +#if defined(__x86_64__) +#define USE_AVX2 +#include +#endif + // Internal implementation code. namespace { /// Internal SHA-512 implementation. namespace sha512 { +#ifndef USE_AVX2 uint64_t inline Ch(uint64_t x, uint64_t y, uint64_t z) { return z ^ (x & (y ^ z)); } uint64_t inline Maj(uint64_t x, uint64_t y, uint64_t z) { return (x & y) | (z & (x | y)); } uint64_t inline Sigma0(uint64_t x) { return (x >> 28 | x << 36) ^ (x >> 34 | x << 30) ^ (x >> 39 | x << 25); } @@ -29,6 +35,7 @@ void inline Round(uint64_t a, uint64_t b, uint64_t c, uint64_t& d, uint64_t e, u d += t1; h = t1 + t2; } +#endif /** Initialize SHA-256 state. */ void inline Initialize(uint64_t* s) 
@@ -46,6 +53,11 @@ void inline Initialize(uint64_t* s) /** Perform one SHA-512 transformation, processing a 128-byte chunk. */ void Transform(uint64_t* s, const unsigned char* chunk) { +#ifdef USE_AVX2 + // Perform SHA512 one block (Intel AVX2) + sha512_one_block_avx2(chunk, s); +#else + // Perform SHA512 one block (legacy) uint64_t a = s[0], b = s[1], c = s[2], d = s[3], e = s[4], f = s[5], g = s[6], h = s[7]; uint64_t w0, w1, w2, w3, w4, w5, w6, w7, w8, w9, w10, w11, w12, w13, w14, w15; @@ -142,6 +154,7 @@ void Transform(uint64_t* s, const unsigned char* chunk) s[5] += f; s[6] += g; s[7] += h; +#endif } } // namespace sha512 @@ -205,3 +218,4 @@ CSHA512& CSHA512::Reset() sha512::Initialize(s); return *this; } +