Select SHA-256 vs SHA-512 explicitly in perlasm
sha512-armv8.pl and sha512-x86_64.pl implement both SHA-256 and SHA-512
and select which to emit by looking for "512" in the output path.
This can result in a false positive if the output path happens to
contain "512" in it. When the build uses relative paths, it's fine, but
this seems needlessly fragile. If we're generating into a temporary file,
there's a small but non-negligible probability that the path has a
"512" in it.
Instead, give those scripts three arguments: flavor hash output, so the
selection is independent of the output file name.
Bug: 542
Change-Id: Idf256abed1c07003034d3eb4544552125e3289e5
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/62325
Reviewed-by: Bob Beck <bbe@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/cmake/perlasm.cmake b/cmake/perlasm.cmake
index 9828799..6d0c30f 100644
--- a/cmake/perlasm.cmake
+++ b/cmake/perlasm.cmake
@@ -29,27 +29,27 @@
# perlasm generates perlasm output from a given file. arch specifies the
# architecture. dest specifies the basename of the output file. The list of
# generated files will be appended to ${var}_ASM and ${var}_NASM depending on
-# the assembler used.
+# the assembler used. Extra arguments are passed to the perlasm script.
function(perlasm var arch dest src)
if(arch STREQUAL "aarch64")
- add_perlasm_target("${dest}-apple.S" ${src} ios64)
- add_perlasm_target("${dest}-linux.S" ${src} linux64)
- add_perlasm_target("${dest}-win.S" ${src} win64)
+ add_perlasm_target("${dest}-apple.S" ${src} ios64 ${ARGN})
+ add_perlasm_target("${dest}-linux.S" ${src} linux64 ${ARGN})
+ add_perlasm_target("${dest}-win.S" ${src} win64 ${ARGN})
append_to_parent_scope("${var}_ASM" "${dest}-apple.S" "${dest}-linux.S" "${dest}-win.S")
elseif(arch STREQUAL "arm")
- add_perlasm_target("${dest}-apple.S" ${src} ios32)
- add_perlasm_target("${dest}-linux.S" ${src} linux32)
+ add_perlasm_target("${dest}-apple.S" ${src} ios32 ${ARGN})
+ add_perlasm_target("${dest}-linux.S" ${src} linux32 ${ARGN})
append_to_parent_scope("${var}_ASM" "${dest}-apple.S" "${dest}-linux.S")
elseif(arch STREQUAL "x86")
- add_perlasm_target("${dest}-apple.S" ${src} macosx -fPIC -DOPENSSL_IA32_SSE2)
- add_perlasm_target("${dest}-linux.S" ${src} elf -fPIC -DOPENSSL_IA32_SSE2)
- add_perlasm_target("${dest}-win.asm" ${src} win32n -DOPENSSL_IA32_SSE2)
+ add_perlasm_target("${dest}-apple.S" ${src} macosx -fPIC -DOPENSSL_IA32_SSE2 ${ARGN})
+ add_perlasm_target("${dest}-linux.S" ${src} elf -fPIC -DOPENSSL_IA32_SSE2 ${ARGN})
+ add_perlasm_target("${dest}-win.asm" ${src} win32n -DOPENSSL_IA32_SSE2 ${ARGN})
append_to_parent_scope("${var}_ASM" "${dest}-apple.S" "${dest}-linux.S")
append_to_parent_scope("${var}_NASM" "${dest}-win.asm")
elseif(arch STREQUAL "x86_64")
- add_perlasm_target("${dest}-apple.S" ${src} macosx)
- add_perlasm_target("${dest}-linux.S" ${src} elf)
- add_perlasm_target("${dest}-win.asm" ${src} nasm)
+ add_perlasm_target("${dest}-apple.S" ${src} macosx ${ARGN})
+ add_perlasm_target("${dest}-linux.S" ${src} elf ${ARGN})
+ add_perlasm_target("${dest}-win.asm" ${src} nasm ${ARGN})
append_to_parent_scope("${var}_ASM" "${dest}-apple.S" "${dest}-linux.S")
append_to_parent_scope("${var}_NASM" "${dest}-win.asm")
else()
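Review bot: The updated comment on the `# the assembler used.` line says extra arguments are passed to the perlasm script, but not where they land in the argument list, and the sha512 scripts in this commit read `@ARGV` positionally as flavour, hash, output. Since `${ARGN}` is appended after the flavour (and after the fixed x86 flags) in every branch, it looks like add_perlasm_target, which is outside this hunk, supplies the output path last; if so, the comment should say it: `# the assembler used. Extra arguments are passed to the perlasm script after the flavour and any fixed flags, before the output path.` A reader adding a new script with positional arguments otherwise has to trace add_perlasm_target to learn the order.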
diff --git a/crypto/fipsmodule/CMakeLists.txt b/crypto/fipsmodule/CMakeLists.txt
index 6c18791..12a12eb 100644
--- a/crypto/fipsmodule/CMakeLists.txt
+++ b/crypto/fipsmodule/CMakeLists.txt
@@ -7,8 +7,8 @@
perlasm(BCM_SOURCES aarch64 p256_beeu-armv8-asm ec/asm/p256_beeu-armv8-asm.pl)
perlasm(BCM_SOURCES aarch64 p256-armv8-asm ec/asm/p256-armv8-asm.pl)
perlasm(BCM_SOURCES aarch64 sha1-armv8 sha/asm/sha1-armv8.pl)
-perlasm(BCM_SOURCES aarch64 sha256-armv8 sha/asm/sha512-armv8.pl)
-perlasm(BCM_SOURCES aarch64 sha512-armv8 sha/asm/sha512-armv8.pl)
+perlasm(BCM_SOURCES aarch64 sha256-armv8 sha/asm/sha512-armv8.pl sha256)
+perlasm(BCM_SOURCES aarch64 sha512-armv8 sha/asm/sha512-armv8.pl sha512)
perlasm(BCM_SOURCES aarch64 vpaes-armv8 aes/asm/vpaes-armv8.pl)
perlasm(BCM_SOURCES arm aesv8-armv7 aes/asm/aesv8-armx.pl)
perlasm(BCM_SOURCES arm armv4-mont bn/asm/armv4-mont.pl)
@@ -40,8 +40,8 @@
perlasm(BCM_SOURCES x86_64 rdrand-x86_64 rand/asm/rdrand-x86_64.pl)
perlasm(BCM_SOURCES x86_64 rsaz-avx2 bn/asm/rsaz-avx2.pl)
perlasm(BCM_SOURCES x86_64 sha1-x86_64 sha/asm/sha1-x86_64.pl)
-perlasm(BCM_SOURCES x86_64 sha256-x86_64 sha/asm/sha512-x86_64.pl)
-perlasm(BCM_SOURCES x86_64 sha512-x86_64 sha/asm/sha512-x86_64.pl)
+perlasm(BCM_SOURCES x86_64 sha256-x86_64 sha/asm/sha512-x86_64.pl sha256)
+perlasm(BCM_SOURCES x86_64 sha512-x86_64 sha/asm/sha512-x86_64.pl sha512)
perlasm(BCM_SOURCES x86_64 vpaes-x86_64 aes/asm/vpaes-x86_64.pl)
perlasm(BCM_SOURCES x86_64 x86_64-mont bn/asm/x86_64-mont.pl)
perlasm(BCM_SOURCES x86_64 x86_64-mont5 bn/asm/x86_64-mont5.pl)
diff --git a/crypto/fipsmodule/sha/asm/sha512-armv8.pl b/crypto/fipsmodule/sha/asm/sha512-armv8.pl
index 0235be3..c7d9154 100644
--- a/crypto/fipsmodule/sha/asm/sha512-armv8.pl
+++ b/crypto/fipsmodule/sha/asm/sha512-armv8.pl
@@ -39,8 +39,29 @@
# generated with -mgeneral-regs-only is significantly faster
# and the gap is only 40-90%.
-$output=pop;
-$flavour=pop;
+my ($flavour, $hash, $output) = @ARGV;
+
+if ($hash eq "sha512") {
+ $BITS=512;
+ $SZ=8;
+ @Sigma0=(28,34,39);
+ @Sigma1=(14,18,41);
+ @sigma0=(1, 8, 7);
+ @sigma1=(19,61, 6);
+ $rounds=80;
+ $reg_t="x";
+} elsif ($hash eq "sha256") {
+ $BITS=256;
+ $SZ=4;
+ @Sigma0=( 2,13,22);
+ @Sigma1=( 6,11,25);
+ @sigma0=( 7,18, 3);
+ @sigma1=(17,19,10);
+ $rounds=64;
+ $reg_t="w";
+} else {
+ die "unknown hash: $hash";
+}
if ($flavour && $flavour ne "void") {
$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
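Review bot: The new `my ($flavour, $hash, $output) = @ARGV;` line silently accepts any argument count, so an old-style two-argument invocation leaves `$hash` holding the output path and a one-argument one leaves it undef, which makes `$hash eq "sha512"` warn about an uninitialized value (if warnings are enabled, which the hunk does not show) before dying with an empty `unknown hash: ` message. An explicit arity check right after the unpack would give a usable diagnostic: `die "usage: $0 flavour sha256|sha512 output\n" unless @ARGV == 3;`. The same applies to the equivalent hunk in crypto/fipsmodule/sha/asm/sha512-x86_64.pl, where the removed `$flavour =~ /\./` fallback previously tolerated a missing flavour and now nothing reports the mismatch clearly. The `die` does run before STDOUT is redirected to the translator pipe, so the message reaches stderr, which is good.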
@@ -55,26 +76,6 @@
*STDOUT=*OUT;
}
-if ($output =~ /512/) {
- $BITS=512;
- $SZ=8;
- @Sigma0=(28,34,39);
- @Sigma1=(14,18,41);
- @sigma0=(1, 8, 7);
- @sigma1=(19,61, 6);
- $rounds=80;
- $reg_t="x";
-} else {
- $BITS=256;
- $SZ=4;
- @Sigma0=( 2,13,22);
- @Sigma1=( 6,11,25);
- @sigma0=( 7,18, 3);
- @sigma1=(17,19,10);
- $rounds=64;
- $reg_t="w";
-}
-
$func="sha${BITS}_block_data_order";
($ctx,$inp,$num,$Ktbl)=map("x$_",(0..2,30));
diff --git a/crypto/fipsmodule/sha/asm/sha512-x86_64.pl b/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
index 35e88d9..a3e4122 100755
--- a/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
+++ b/crypto/fipsmodule/sha/asm/sha512-x86_64.pl
@@ -111,9 +111,35 @@
#
# Modified from upstream OpenSSL to remove the XOP code.
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+my ($flavour, $hash, $output) = @ARGV;
+
+if ($hash eq "sha512") {
+ $func="sha512_block_data_order";
+ $TABLE="K512";
+ $SZ=8;
+ @ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%rax","%rbx","%rcx","%rdx",
+ "%r8", "%r9", "%r10","%r11");
+ ($T1,$a0,$a1,$a2,$a3)=("%r12","%r13","%r14","%r15","%rdi");
+ @Sigma0=(28,34,39);
+ @Sigma1=(14,18,41);
+ @sigma0=(1, 8, 7);
+ @sigma1=(19,61, 6);
+ $rounds=80;
+} elsif ($hash eq "sha256") {
+ $func="sha256_block_data_order";
+ $TABLE="K256";
+ $SZ=4;
+ @ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx",
+ "%r8d","%r9d","%r10d","%r11d");
+ ($T1,$a0,$a1,$a2,$a3)=("%r12d","%r13d","%r14d","%r15d","%edi");
+ @Sigma0=( 2,13,22);
+ @Sigma1=( 6,11,25);
+ @sigma0=( 7,18, 3);
+ @sigma1=(17,19,10);
+ $rounds=64;
+} else {
+ die "unknown hash: $hash";
+}
$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
@@ -136,32 +162,6 @@
open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
*STDOUT=*OUT;
-if ($output =~ /512/) {
- $func="sha512_block_data_order";
- $TABLE="K512";
- $SZ=8;
- @ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%rax","%rbx","%rcx","%rdx",
- "%r8", "%r9", "%r10","%r11");
- ($T1,$a0,$a1,$a2,$a3)=("%r12","%r13","%r14","%r15","%rdi");
- @Sigma0=(28,34,39);
- @Sigma1=(14,18,41);
- @sigma0=(1, 8, 7);
- @sigma1=(19,61, 6);
- $rounds=80;
-} else {
- $func="sha256_block_data_order";
- $TABLE="K256";
- $SZ=4;
- @ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx",
- "%r8d","%r9d","%r10d","%r11d");
- ($T1,$a0,$a1,$a2,$a3)=("%r12d","%r13d","%r14d","%r15d","%edi");
- @Sigma0=( 2,13,22);
- @Sigma1=( 6,11,25);
- @sigma0=( 7,18, 3);
- @sigma1=(17,19,10);
- $rounds=64;
-}
-
$ctx="%rdi"; # 1st arg, zapped by $a3
$inp="%rsi"; # 2nd arg
$Tbl="%rbp";
diff --git a/util/generate_build_files.py b/util/generate_build_files.py
index d7ae8b1..bd2882f 100644
--- a/util/generate_build_files.py
+++ b/util/generate_build_files.py
@@ -648,12 +648,13 @@
raise ValueError('Bad perlasm line in %s' % cmakefile)
# Remove "perlasm(" from start and ")" from end
params = line[8:-1].split()
- if len(params) != 4:
+ if len(params) < 4:
raise ValueError('Bad perlasm line in %s' % cmakefile)
perlasms.append({
'arch': params[1],
'output': os.path.join(os.path.dirname(cmakefile), params[2]),
'input': os.path.join(os.path.dirname(cmakefile), params[3]),
+ 'extra_args': params[4:],
})
return perlasms
@@ -700,7 +701,8 @@
raise ValueError('output missing src: %s' % output)
output = os.path.join(outDir, output[4:])
output = '%s-%s.%s' % (output, osname, asm_ext)
- PerlAsm(output, perlasm['input'], perlasm_style, extra_args)
+ PerlAsm(output, perlasm['input'], perlasm_style,
+ extra_args + perlasm['extra_args'])
asmfiles.setdefault(key, []).append(output)
for (key, non_perl_asm_files) in NON_PERL_FILES.items():
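Review bot: The new call `PerlAsm(output, perlasm['input'], perlasm_style, extra_args + perlasm['extra_args'])` concatenates two values whose types are not visible in this hunk; `perlasm['extra_args']` is a list (from the `params[4:]` slice in the earlier hunk), so if `extra_args` is a tuple anywhere in the enclosing loop this line raises TypeError at generation time rather than producing a wrong command. It would also help to note the ordering contract here, since the sha512 scripts in this commit read their arguments positionally, e.g. `# Per-line extra args (e.g. the sha256/sha512 selector) must come after the style flags and before the output path; PerlAsm handles placement.` — assuming PerlAsm, which is outside this hunk, does put the output last. The enclosing function starts before the hunk.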