kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
762e1d039c
boringssl/crypto
History
David Benjamin 762e1d039c Import chacha-x86.pl fix. 
Patch from https://mta.openssl.org/pipermail/openssl-dev/2016-March/005625.html.

Upstream has yet to make a decision on aliasing requirements for their
assembly. If they choose to go with the stricter aliasing requirement rather
than land this patch, we'll probably want to tweak EVP_AEAD's API guarantees
accordingly and then undiverge.

In the meantime, import this to avoid a regression on x86 from when we had
compiler-vectorized code on GCC platforms.  Per our assembly coverage tools and
pending multi-CPU-variant tests, we have good coverage here. Unlike Poly1305
(which is currently waiting on yet another upstream bugfix), where there is
risk of missed carries everywhere, it is much more difficult to accidentally
make a ChaCha20 implementation that fails based on the data passed into it.

This restores a sizeable speed improvement on x86.

Before:
Did 1131000 ChaCha20-Poly1305 (16 bytes) seal operations in 1000205us (1130768.2 ops/sec): 18.1 MB/s
Did 161000 ChaCha20-Poly1305 (1350 bytes) seal operations in 1006136us (160018.1 ops/sec): 216.0 MB/s
Did 28000 ChaCha20-Poly1305 (8192 bytes) seal operations in 1023264us (27363.4 ops/sec): 224.2 MB/s
Did 1166000 ChaCha20-Poly1305-Old (16 bytes) seal operations in 1000447us (1165479.0 ops/sec): 18.6 MB/s
Did 160000 ChaCha20-Poly1305-Old (1350 bytes) seal operations in 1004818us (159232.8 ops/sec): 215.0 MB/s
Did 30000 ChaCha20-Poly1305-Old (8192 bytes) seal operations in 1016977us (29499.2 ops/sec): 241.7 MB/s

After:
Did 2208000 ChaCha20-Poly1305 (16 bytes) seal operations in 1000031us (2207931.6 ops/sec): 35.3 MB/s
Did 402000 ChaCha20-Poly1305 (1350 bytes) seal operations in 1001717us (401310.9 ops/sec): 541.8 MB/s
Did 97000 ChaCha20-Poly1305 (8192 bytes) seal operations in 1005394us (96479.6 ops/sec): 790.4 MB/s
Did 2444000 ChaCha20-Poly1305-Old (16 bytes) seal operations in 1000089us (2443782.5 ops/sec): 39.1 MB/s
Did 459000 ChaCha20-Poly1305-Old (1350 bytes) seal operations in 1000563us (458741.7 ops/sec): 619.3 MB/s
Did 97000 ChaCha20-Poly1305-Old (8192 bytes) seal operations in 1007942us (96235.7 ops/sec): 788.4 MB/s

Change-Id: I976da606dae062a776e0cc01229ec03a074035d1
Reviewed-on: https://boringssl-review.googlesource.com/7561
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
2016-03-28 15:58:24 +00:00
..
aes Mark ARM assembly globals hidden uniformly in arm-xlate.pl. 2016-02-11 17:28:03 +00:00
asn1 Fix build when using Visual Studio 2015 Update 1. 2016-03-25 21:39:52 +00:00
base64 Remove calls to ERR_load_crypto_strings. 2016-01-25 23:09:08 +00:00
bio Fix Windows build 2016-03-20 16:46:10 +00:00
bn Remove unnecessary |BN_CTX_start|/|BN_CTX_end| in |BN_mod_exp_mont_consttime|. 2016-03-20 17:16:27 +00:00
buf
bytestring Add CBS_ASN1_UTF8STRING define. 2016-03-23 19:29:49 +00:00
chacha Import chacha-x86.pl fix. 2016-03-28 15:58:24 +00:00
cipher Fix build when using Visual Studio 2015 Update 1. 2016-03-25 21:39:52 +00:00
cmac
conf Add missing internal includes. 2016-03-20 16:38:54 +00:00
curve25519 Appease sanitizers in x25519_ge_scalarmult. 2016-03-10 19:08:42 +00:00
des Use the straight-forward ROTATE macro. 2015-12-16 19:57:31 +00:00
dh Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
digest Fix potential double free in EVP_DigestInit_ex 2016-03-22 15:17:32 +00:00
dsa Fix a few more missing CBB_cleanups. 2016-03-08 21:08:48 +00:00
ec Use |size_t| and |int| consistently in p{224,256}-64.c. 2016-03-22 23:28:08 +00:00
ecdh
ecdsa Fix a few more missing CBB_cleanups. 2016-03-08 21:08:48 +00:00
engine
err Align with upstream's error strings, take two. 2016-03-15 16:02:12 +00:00
evp Remove unnecessary include. 2016-03-28 15:57:17 +00:00
hkdf Fix build when using Visual Studio 2015 Update 1. 2016-03-25 21:39:52 +00:00
hmac
lhash
md4 Add one-shot |MD4| function. 2016-03-09 01:13:55 +00:00
md5 Make HOST_l2c return void. 2015-12-16 20:02:37 +00:00
modes Fix build when using Visual Studio 2015 Update 1. 2016-03-25 21:39:52 +00:00
obj Rename NID_x25519 to NID_X25519. 2016-03-07 15:48:51 +00:00
pem Decouple the EVP and PEM code. 2016-02-26 22:50:21 +00:00
perlasm perlasm/x86_64-xlate.pl: handle binary constants early. 2016-03-17 18:23:40 +00:00
pkcs8 BIO_new_mem_buf should take const void * 2016-02-24 19:14:19 +00:00
poly1305 Flip the arguments to ExpectBytesEqual in poly1305_test. 2016-03-24 19:30:47 +00:00
rand Add a deterministic PRNG for fuzzing. 2016-03-03 01:36:19 +00:00
rc4 Remove the stitched RC4-MD5 code and use the generic one. 2015-12-16 23:57:42 +00:00
rsa Fix typo in comment. 2016-03-28 15:57:00 +00:00
sha Consistently use named constants in ARM assembly files. 2016-02-23 17:18:18 +00:00
stack If no comparison function is set, sk_sort is a NOP 2016-02-25 20:02:53 +00:00
test Fix build when using Visual Studio 2015 Update 1. 2016-03-25 21:39:52 +00:00
x509 Fix build when using Visual Studio 2015 Update 1. 2016-03-25 21:39:52 +00:00
x509v3 Fix build when using Visual Studio 2015 Update 1. 2016-03-25 21:39:52 +00:00
CMakeLists.txt Rewrite ARM feature detection. 2016-03-26 04:54:44 +00:00
constant_time_test.c
cpu-aarch64-linux.c Rewrite ARM feature detection. 2016-03-26 04:54:44 +00:00
cpu-arm-linux.c Work around Android devices without AT_HWCAP2. 2016-03-26 04:56:45 +00:00
cpu-arm.c Rewrite ARM feature detection. 2016-03-26 04:54:44 +00:00
cpu-intel.c Add missing internal includes. 2016-03-20 16:38:54 +00:00
crypto.c Add |FIPS_mode|, which returns zero. 2016-03-02 00:15:37 +00:00
directory_posix.c
directory_win.c
directory.h
ex_data.c Skip free callbacks on empty CRYPTO_EX_DATAs. 2015-12-15 21:32:14 +00:00
internal.h Fix build when using Visual Studio 2015 Update 1. 2016-03-25 21:39:52 +00:00
mem.c Fix some indentation. 2016-01-28 00:51:45 +00:00
refcount_c11.c
refcount_lock.c
refcount_test.c
thread_none.c
thread_pthread.c Remove call to |fprintf| in |CRYPTO_once|. 2016-03-03 18:01:43 +00:00
thread_test.c
thread_win.c Fix data <-> function pointer casts in thread_win.c. 2016-01-27 22:08:26 +00:00
thread.c
time_support.c Remove some mingw support cruft. 2016-01-25 23:05:45 +00:00