mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-07-01 11:32:48 -05:00
Break up crypto modules containing HW acceleration.
This applies to all of AES, SHA-1, SHA-256 and SHA-512. All those source files previously contained multiple implementations of the algorithm, enabled or disabled by ifdefs detecting whether they would work on a given compiler. And in order to get advanced machine instructions like AES-NI or NEON crypto into the output file when the compile flags hadn't enabled them, we had to do nasty stuff with compiler-specific pragmas or attributes. Now we can do the detection at cmake time, and enable advanced instructions in the more sensible way, by compile-time flags. So I've broken up each of these modules into lots of sub-pieces: a file called (e.g.) 'foo-common.c' containing common definitions across all implementations (such as round constants), one called 'foo-select.c' containing the top-level vtable(s), and a separate file for each implementation exporting just the vtable(s) for that implementation. One advantage of this is that it depends a lot less on compiler- specific bodgery. My particular least favourite part of the previous setup was the part where I had to _manually_ define some Arm ACLE feature macros before including <arm_neon.h>, so that it would define the intrinsics I wanted. Now I'm enabling interesting architecture features in the normal way, on the compiler command line, there's no need for that kind of trick: the right feature macros are already defined and <arm_neon.h> does the right thing. Another change in this reorganisation is that I've stopped assuming there's just one hardware implementation per platform. Previously, the accelerated vtables were called things like sha256_hw, and varied between FOO-NI and NEON depending on platform; and the selection code would simply ask 'is hw available? if so, use hw, else sw'. Now, each HW acceleration strategy names its vtable its own way, and the selection vtable has a whole list of possibilities to iterate over looking for a supported one. So if someone feels like writing a second accelerated implementation of something for a given platform - for example, I've heard you can use plain NEON to speed up AES somewhat even without the crypto extension - then it will now have somewhere to drop in alongside the existing ones.
This commit is contained in:
Simon Tatham
36
ssh.h
36
ssh.h
@ -953,22 +953,28 @@ extern const ssh_cipheralg ssh_3des_ssh2;
|
||||
extern const ssh_cipheralg ssh_des;
|
||||
extern const ssh_cipheralg ssh_des_sshcom_ssh2;
|
||||
extern const ssh_cipheralg ssh_aes256_sdctr;
|
||||
extern const ssh_cipheralg ssh_aes256_sdctr_hw;
|
||||
extern const ssh_cipheralg ssh_aes256_sdctr_ni;
|
||||
extern const ssh_cipheralg ssh_aes256_sdctr_neon;
|
||||
extern const ssh_cipheralg ssh_aes256_sdctr_sw;
|
||||
extern const ssh_cipheralg ssh_aes256_cbc;
|
||||
extern const ssh_cipheralg ssh_aes256_cbc_hw;
|
||||
extern const ssh_cipheralg ssh_aes256_cbc_ni;
|
||||
extern const ssh_cipheralg ssh_aes256_cbc_neon;
|
||||
extern const ssh_cipheralg ssh_aes256_cbc_sw;
|
||||
extern const ssh_cipheralg ssh_aes192_sdctr;
|
||||
extern const ssh_cipheralg ssh_aes192_sdctr_hw;
|
||||
extern const ssh_cipheralg ssh_aes192_sdctr_ni;
|
||||
extern const ssh_cipheralg ssh_aes192_sdctr_neon;
|
||||
extern const ssh_cipheralg ssh_aes192_sdctr_sw;
|
||||
extern const ssh_cipheralg ssh_aes192_cbc;
|
||||
extern const ssh_cipheralg ssh_aes192_cbc_hw;
|
||||
extern const ssh_cipheralg ssh_aes192_cbc_ni;
|
||||
extern const ssh_cipheralg ssh_aes192_cbc_neon;
|
||||
extern const ssh_cipheralg ssh_aes192_cbc_sw;
|
||||
extern const ssh_cipheralg ssh_aes128_sdctr;
|
||||
extern const ssh_cipheralg ssh_aes128_sdctr_hw;
|
||||
extern const ssh_cipheralg ssh_aes128_sdctr_ni;
|
||||
extern const ssh_cipheralg ssh_aes128_sdctr_neon;
|
||||
extern const ssh_cipheralg ssh_aes128_sdctr_sw;
|
||||
extern const ssh_cipheralg ssh_aes128_cbc;
|
||||
extern const ssh_cipheralg ssh_aes128_cbc_hw;
|
||||
extern const ssh_cipheralg ssh_aes128_cbc_ni;
|
||||
extern const ssh_cipheralg ssh_aes128_cbc_neon;
|
||||
extern const ssh_cipheralg ssh_aes128_cbc_sw;
|
||||
extern const ssh_cipheralg ssh_blowfish_ssh2_ctr;
|
||||
extern const ssh_cipheralg ssh_blowfish_ssh2;
|
||||
@ -983,16 +989,18 @@ extern const ssh2_ciphers ssh2_arcfour;
|
||||
extern const ssh2_ciphers ssh2_ccp;
|
||||
extern const ssh_hashalg ssh_md5;
|
||||
extern const ssh_hashalg ssh_sha1;
|
||||
extern const ssh_hashalg ssh_sha1_hw;
|
||||
extern const ssh_hashalg ssh_sha1_ni;
|
||||
extern const ssh_hashalg ssh_sha1_neon;
|
||||
extern const ssh_hashalg ssh_sha1_sw;
|
||||
extern const ssh_hashalg ssh_sha256;
|
||||
extern const ssh_hashalg ssh_sha256_hw;
|
||||
extern const ssh_hashalg ssh_sha256_ni;
|
||||
extern const ssh_hashalg ssh_sha256_neon;
|
||||
extern const ssh_hashalg ssh_sha256_sw;
|
||||
extern const ssh_hashalg ssh_sha384;
|
||||
extern const ssh_hashalg ssh_sha384_hw;
|
||||
extern const ssh_hashalg ssh_sha384_neon;
|
||||
extern const ssh_hashalg ssh_sha384_sw;
|
||||
extern const ssh_hashalg ssh_sha512;
|
||||
extern const ssh_hashalg ssh_sha512_hw;
|
||||
extern const ssh_hashalg ssh_sha512_neon;
|
||||
extern const ssh_hashalg ssh_sha512_sw;
|
||||
extern const ssh_hashalg ssh_sha3_224;
|
||||
extern const ssh_hashalg ssh_sha3_256;
|
||||
@ -1039,10 +1047,10 @@ ssh_hash *blake2b_new_general(unsigned hashlen);
|
||||
* itself. If so, then this function should be implemented in each
|
||||
* platform subdirectory.
|
||||
*/
|
||||
bool platform_aes_hw_available(void);
|
||||
bool platform_sha256_hw_available(void);
|
||||
bool platform_sha1_hw_available(void);
|
||||
bool platform_sha512_hw_available(void);
|
||||
bool platform_aes_neon_available(void);
|
||||
bool platform_sha256_neon_available(void);
|
||||
bool platform_sha1_neon_available(void);
|
||||
bool platform_sha512_neon_available(void);
|
||||
|
||||
/*
|
||||
* PuTTY version number formatted as an SSH version string.
|
||||
|
||||
Reference in New Issue
Block a user