ARM and breaking out Crypto extensions?


Jeffrey Walton

May 17, 2016, 10:29:23 AM
to Crypto++ Users
Hi Everyone,

ARMv8 has optional Crypto extensions, and they are available in A-53, A-57, etc. The Crypto extension collectively refers to AES, SHA1, SHA224 and SHA-256. To enable them, you compile with:

    export CXXFLAGS="... -march=armv8-a+crypto -mcpu=cortex-a53"

According to the ARM Cortex-A53 MPCore Processor (http://infocenter.arm.com/help/topic/com.arm.doc.ddi0500d/DDI0500D_cortex_a53_r0p2_trm.pdf), the constituent parts can be selectively disabled. That is, AES could be disabled, or SHA-1 could be disabled, etc.

Testing for the features is not as easy as IA-32's CPUID because reading an ARM Machine Status Register (MSR) is a privileged operation. Attempting to read it results in a SIGILL. The best way I've found to determine features is runtime testing, and catching the SIGILL (Linux) and EXCEPTION_ILLEGAL_INSTRUCTION (Windows). Also see around line 260 of http://github.com/weidai11/cryptopp/blob/arm-neon/cpu.cpp#L259 .

I have not encountered a condition where AES is enabled, but SHA1 is disabled. However, iOS comes close because both NEON and Crypto extensions are available, but CRC32 extensions are not available. It's unclear what Microsoft is doing in Store 10 and Phone 10 because their production-released compilers do not currently support ARM-64.

My question is, should we collectively use "hasCrypto", or should we break them out and use "hasAES", "hasSHA1", etc?

Jeff
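The runtime probing the post describes, catching SIGILL around one instruction from each group, as an added illustration (not Crypto++'s cpu.cpp). It assumes a POSIX host; on anything other than AArch64 the probes simply report each group as absent, and the `probe_noop`/`probe_illegal` helpers exist only to exercise the guard itself.

```c
// Probe the ARMv8 Crypto extension groups (AES, SHA-1, SHA-2) at runtime by
// executing one instruction from each group under a SIGILL guard.
// Added example, not Crypto++ code. Assumes a POSIX signal API.
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <string.h>

static sigjmp_buf g_jmp;

static void on_sigill(int sig) {
    (void)sig;
    siglongjmp(g_jmp, 1);            /* async-signal-safe; mask restored */
}

/* Run fn(); return 1 if it completed, 0 if it raised SIGILL. The previous
 * SIGILL handler is always restored, whichever way fn() ends. */
int runs_without_sigill(void (*fn)(void)) {
    struct sigaction sa, old;
    int ok = 0;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_sigill;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGILL, &sa, &old);
    if (sigsetjmp(g_jmp, 1) == 0) {  /* savesigs=1 so the mask comes back */
        fn();
        ok = 1;
    }
    sigaction(SIGILL, &old, NULL);
    return ok;
}

#if defined(__aarch64__)
/* One instruction per group; the .arch line lets the assembler accept it
 * even when the translation unit was not built with -march=...+crypto. */
static void probe_aes(void)  { __asm__ volatile(".arch armv8-a+crypto\n\taese v0.16b, v1.16b" ::: "v0"); }
static void probe_sha1(void) { __asm__ volatile(".arch armv8-a+crypto\n\tsha1h s0, s1" ::: "v0"); }
static void probe_sha2(void) { __asm__ volatile(".arch armv8-a+crypto\n\tsha256su0 v0.4s, v1.4s" ::: "v0"); }
#else
/* Not an ARMv8 host: the instructions do not exist, so report them absent. */
static void probe_aes(void)  { raise(SIGILL); }
static void probe_sha1(void) { raise(SIGILL); }
static void probe_sha2(void) { raise(SIGILL); }
#endif

/* Broken-out checks, one per group, as the thread settles on. */
int has_aes(void)  { return runs_without_sigill(probe_aes); }
int has_sha1(void) { return runs_without_sigill(probe_sha1); }
int has_sha2(void) { return runs_without_sigill(probe_sha2); }

/* Helpers (hypothetical) for checking the guard on any architecture. */
void probe_noop(void)    { }
void probe_illegal(void) { raise(SIGILL); }
```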

Mouse

May 17, 2016, 1:50:35 PM
to Jeffrey Walton, Crypto++ Users
It seems that we have to break those out and use individual checks. Reason: different CPUs may support some but not all of these features.

--
Regards,
Mouse

Jeffrey Walton

May 19, 2016, 4:40:14 AM
to Crypto++ Users, nolo...@gmail.com, mous...@gmail.com


On Tuesday, May 17, 2016 at 1:50:35 PM UTC-4, Mouse wrote:
It seems that we have to break those out and use individual checks. Reason: different CPUs may support some but not all of these features.

Committed at "Add test for AES, SHA1 and SHA2 from ARM Crypto extension" (http://github.com/weidai11/cryptopp/commit/3c7b5858103a41c6c851a7722c73c6fb290104c7).

Jeff
