)]}' { "commit": "fa3fbda07bbf70925453d6a3c25a7aa455aa1cef", "tree": "64bcb49ce7d6de378f1b389ac838e5e3e2c24884", "parents": [ "f7e1a94bd94980c58f61f300cd80275471b210e7" ], "author": { "name": "Nevine Ebeid", "email": "nebeid@amazon.com", "time": "Fri Mar 04 14:38:51 2022 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon Apr 11 19:05:58 2022 +0000" }, "message": "P-256 assembly optimisations for Aarch64.\n\nThe ARMv8 assembly code in this commit is mostly taken from OpenSSL\u0027s `ecp_nistz256-armv8.pl` at https://github.com/openssl/openssl/blob/19e277dd19f2897f6a7b7eb236abe46655e575bf/crypto/ec/asm/ecp_nistz256-armv8.pl (see Note 1), adapting it to the implementation in p256-x86_64.c.\n\nMost of the assembly functions found in `crypto/fipsmodule/ec/asm/p256-x86_64-asm.pl` required to support that code have their analogous functions in the imported OpenSSL ARMv8 Perl assembly implementation with the exception of the functions:\n- ecp_nistz256_select_w5\n- ecp_nistz256_select_w7\nAn implementation for these functions was added.\n\nSummary of modifications to the imported code:\n* Renamed to `p256-armv8-asm.pl`\n* Modified the location of `arm-xlate.pl` and `arm_arch.h`\n* Replaced the `scatter-gather subroutines` with `select subroutines`. The `select subroutines` are implemented for ARMv8 similarly to their x86_64 counterparts, `ecp_nistz256_select_w5` and `ecp_nistz256_select_w7`.\n* `ecp_nistz256_add` is removed because it was conflicting during the static build with the function of the same name in p256-nistz.c. The latter calls another assembly function, `ecp_nistz256_point_add`.\n* `__ecp_nistz256_add` renamed to `__ecp_nistz256_add_to` to avoid the conflict with the function `ecp_nistz256_add` during the static build.\n* l. 924 `add\tsp,sp,#256` the calculation of the constant, 32*(12-4), is not left for the assembler to perform.\n\nOther modifications:\n* `beeu_mod_inverse_vartime()` was implemented for AArch64 in `p256_beeu-armv8-asm.pl` similarly to its implementation in `p256_beeu-x86_64-asm.pl`.\n* The files containing `p256-x86_64` in their name were renamed to, `p256-nistz` since the functions and tests defined in them are hereby running on ARMv8 as well, if enabled.\n* Updated `delocate.go` and `delocate.peg` to handle the offset calculation in the assembly instructions.\n* Regenerated `delocate.peg.go`.\n\nNotes:\n1- The last commit in the history of the file is in master only, the previous commits are in OpenSSL 3.0.1\n2- This change focuses on AArch64 (64-bit architecture of ARMv8). It does not support ARMv4 or ARMv7.\n\nTesting the performance on Armv8 platform using -DCMAKE_BUILD_TYPE\u003dRelease:\nBefore:\n```\nDid 2596 ECDH P-256 operations in 1093956us (2373.0 ops/sec)\nDid 6996 ECDSA P-256 signing operations in 1044630us (6697.1 ops/sec)\nDid 2970 ECDSA P-256 verify operations in 1084848us (2737.7 ops/sec)\n```\nAfter:\n```\nDid 6699 ECDH P-256 operations in 1091684us (6136.4 ops/sec)\nDid 20000 ECDSA P-256 signing operations in 1012944us (19744.4 ops/sec)\nDid 7051 ECDSA P-256 verify operations in 1060000us (6651.9 ops/sec)\n```\n\nChange-Id: I9fdef12db365967a9264b5b32c07967b55ea48bd\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/51805\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "312c080079c043f8ecdf9ae19ae37ebaa6850102", "old_mode": 33188, "old_path": "crypto/CMakeLists.txt", "new_id": "1cb68ca13695ec9c13bc3a8087c57610dbca48c9", "new_mode": 33188, "new_path": "crypto/CMakeLists.txt" }, { "type": "modify", "old_id": "73f8a02aef1df1b9b656c28f0dbfedc28c3ece0b", "old_mode": 33188, "old_path": "crypto/fipsmodule/CMakeLists.txt", "new_id": "b99ebc71ce51a3a9eaf88d2a8a9e3cc4e8c375c3", "new_mode": 33188, "new_path": "crypto/fipsmodule/CMakeLists.txt" }, { "type": "modify", "old_id": "6f8f5c08f53407fc3eaa4a0b4c9046c59a34752e", "old_mode": 33188, "old_path": "crypto/fipsmodule/bcm.c", "new_id": "87618fe2134f9e211f5b1ebff9f7e7e81e38c76d", "new_mode": 33188, "new_path": "crypto/fipsmodule/bcm.c" }, { "type": "add", "old_id": "0000000000000000000000000000000000000000", "old_mode": 0, "old_path": "/dev/null", "new_id": "f2926b8eedd3f3c9043877a61f5a5976be3ca9ae", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/asm/p256-armv8-asm.pl" }, { "type": "add", "old_id": "0000000000000000000000000000000000000000", "old_mode": 0, "old_path": "/dev/null", "new_id": "e259aeff388abd0a747dd79d69ba05718fd85a93", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/asm/p256_beeu-armv8-asm.pl" }, { "type": "modify", "old_id": "93fdcfc616429a7e49defb2a07c712ac9bc36a30", "old_mode": 33188, "old_path": "crypto/fipsmodule/ec/ec.c", "new_id": "133f561c88fc8918d83303d998e2b003cb86a12e", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/ec.c" }, { "type": "rename", "old_id": "958a97a53a05376f898adaa7f379cc7512125963", "old_mode": 33188, "old_path": "crypto/fipsmodule/ec/make_p256-x86_64-tests.go", "new_id": "36194e61b43793f2650ef94adda37e8d424cdef0", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/make_p256-nistz-tests.go", "score": 96 }, { "type": "modify", "old_id": "34e8c23ac56d7098c5ac311268f409ddbd6dee6f", "old_mode": 33188, "old_path": "crypto/fipsmodule/ec/make_tables.go", "new_id": "dbcaab06f6f2a9efcaa6fdb9af584650e7d2e97b", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/make_tables.go" }, { "type": "rename", "old_id": "3af0b0166b70363ac374f35b65af9895d1281cd9", "old_mode": 33188, "old_path": "crypto/fipsmodule/ec/p256-x86_64-table.h", "new_id": "b81480bd1b2d7a87d5a8d2a9095644610476c612", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/p256-nistz-table.h", "score": 99 }, { "type": "rename", "old_id": "506b7d2cef06b0fd1af844b5ef1b57272d87bcb6", "old_mode": 33188, "old_path": "crypto/fipsmodule/ec/p256-x86_64.c", "new_id": "12a4da6e0c488d79c3cdf19ec35a40790ed4c538", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/p256-nistz.c", "score": 98 }, { "type": "rename", "old_id": "5deb81a3fec94e2e9ad1758c57d2caa9f99359e8", "old_mode": 33188, "old_path": "crypto/fipsmodule/ec/p256-x86_64.h", "new_id": "0d0a6bea42795355eb76374821a57d8cf8804ab5", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/p256-nistz.h", "score": 95 }, { "type": "rename", "old_id": "f6f070a3020356bed705b252829bd6d368064c06", "old_mode": 33188, "old_path": "crypto/fipsmodule/ec/p256-x86_64_test.cc", "new_id": "73944db2ce1556ff947cb4b209e2d7979e147c61", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/p256-nistz_test.cc", "score": 97 }, { "type": "rename", "old_id": "8bc301e876787c555d62911bd6e9e17e55fc3660", "old_mode": 33188, "old_path": "crypto/fipsmodule/ec/p256-x86_64_tests.txt", "new_id": "8bc301e876787c555d62911bd6e9e17e55fc3660", "new_mode": 33188, "new_path": "crypto/fipsmodule/ec/p256-nistz_tests.txt", "score": 100 }, { "type": "modify", "old_id": "3d3465f17fc162d488225b34eea33cac23d21bda", "old_mode": 33188, "old_path": "sources.cmake", "new_id": "434b3c23218b56e10cb30318c5867fee57421463", "new_mode": 33188, "new_path": "sources.cmake" }, { "type": "modify", "old_id": "5d4b1f495fffb619f71f94c6677a177d1cf9135e", "old_mode": 33188, "old_path": "util/fipstools/delocate/delocate.go", "new_id": "55c86715e04ddbb1bbbcf7965da73774731b24bd", "new_mode": 33188, "new_path": "util/fipstools/delocate/delocate.go" }, { "type": "modify", "old_id": "c253a482218c58c021c9cbe3de1ebfd22d4b9272", "old_mode": 33188, "old_path": "util/fipstools/delocate/delocate.peg", "new_id": "82670654f411a58b68678ecfb525e2f4b8258231", "new_mode": 33188, "new_path": "util/fipstools/delocate/delocate.peg" }, { "type": "modify", "old_id": "ea7c195e6aedda93055d91e6fa6dca5eb1f2f9ba", "old_mode": 33188, "old_path": "util/fipstools/delocate/delocate.peg.go", "new_id": "6f5c65455cdde3ca8fdf0f24c8991a4f5330258c", "new_mode": 33188, "new_path": "util/fipstools/delocate/delocate.peg.go" } ] }