AVX-512 support for RSA Signing #1273
Merged

Changes from 1 commit (36 commits in this pull request):
b9088fc pittma: Use IFMA_AVX512 when possible for modular exponentiation.
e6269ff pittma: Add test coverage for consttime_x2 mod exp function
6d2ece9 pittma: Add fuzzer coverage for BN_mod_exp_mont_consttime_x2
e0ad9da pittma: prevent empty translation units for compilers that don't like them
024a9ec pittma: properly handle AVX-512 build conditions
cd2a3d1 pittma: fips builds require subsections
d4d89fc pittma: fix disallowed interaction with `OPENSSL_ia32_cap_P` in fips mode
a0f3737 pittma: reset sections when they change for variable declaration
8e55af5 pittma: include avx512ifma flag
7d1ea20 pittma: handle AVX-512 mask register usage in fips delocation process
407df8d pittma: address review comments
e67bbda pittma: regen generated source
b33709e pittma: regenerate delocate parser
0e7c607 pittma: AVX-512 RSA Signing: address first PR review
b2d1327 pittma: Merge remote-tracking branch 'origin/main'
14fefe0 pittma: Still export the parallel mod_exp implementation
5e1c7ee pittma: second set of review comments and documentation
73d389d pittma: fix generated source conflict
087bf5c pittma: Merge branch 'main' of github.com:aws/aws-lc into pmain
c439bf0 pittma: address review 3 comments
abe1124 pittma: Merge branch 'main' of github.com:aws/aws-lc
37b4a4a pittma: Merge branch 'main' of github.com:aws/aws-lc into pmain
e06d8d0 pittma: further review comments
bf9fc29 pittma: add ABI tests for new RSA AVX-512 assembly routines
e626c2c pittma: add dispatch tests for AVX-512 enabled RSA signing
92b9e3f pittma: fix dispatch test
1055b42 pittma: Merge remote-tracking branch 'origin/main'
58af762 pittma: Merge branch 'main' of github.com:aws/aws-lc
56d8fd6 pittma: fix conditional build logic in dispatch test
f925e7c pittma: generated asm should properly exclude when using old assembler
2473469 pittma: Merge branch 'main' of github.com:aws/aws-lc
ef26ced pittma: in ninja-based build, old assembler logic is already handled
73b7b8f pittma: Merge branch 'main' of github.com:aws/aws-lc
506dced nebeid: Increasing the capacity of ubuntu2004_android_fips_static_release.
0dd53a1 nebeid: Merge branch 'main' into main
f3715bb pittma: Merge branch 'main' of github.com:aws/aws-lc
@@ -247,36 +247,89 @@ TEST_F(ImplDispatchTest, SHA512) { | |||||||||||||||
} | ||||||||||||||||
#endif // OPENSSL_AARCH64 | ||||||||||||||||
|
||||||||||||||||
|
||||||||||||||||
#if defined(OPENSSL_X86_64) && !defined(MY_ASSEMBLER_IS_TOO_OLD_512AVX) && \ | ||||||||||||||||
defined(RSAZ_512_ENABLED) | ||||||||||||||||
|
||||||||||||||||
#include "test/file_test.h" | ||||||||||||||||
|
||||||||||||||||
static bssl::UniquePtr<BIGNUM> GetBIGNUM(FileTest *t, const char *attr); | ||||||||||||||||
|
||||||||||||||||
static bssl::UniquePtr<BIGNUM> GetBIGNUM(FileTest *t, const char *attr) { | ||||||||||||||||
std::string hex; | ||||||||||||||||
if (!t->GetAttribute(&hex, attr)) { | ||||||||||||||||
return nullptr; | ||||||||||||||||
} | ||||||||||||||||
|
||||||||||||||||
BIGNUM *raw = NULL; | ||||||||||||||||
int size = BN_hex2bn(&raw, hex.c_str()); | ||||||||||||||||
if (size != static_cast<int>(hex.size())) { | ||||||||||||||||
t->PrintLine("Could not decode '%s'.", hex.c_str()); | ||||||||||||||||
return nullptr; | ||||||||||||||||
} | ||||||||||||||||
|
||||||||||||||||
bssl::UniquePtr<BIGNUM> ret; | ||||||||||||||||
(&ret)->reset(raw); | ||||||||||||||||
return ret; | ||||||||||||||||
} | ||||||||||||||||
|
||||||||||||||||
TEST_F(ImplDispatchTest, BN_mod_exp_mont_consttime_x2) { | ||||||||||||||||
AssertFunctionsHit( | ||||||||||||||||
FileTestGTest( | ||||||||||||||||
"crypto/fipsmodule/bn/test/mod_exp_x2_tests.txt", | ||||||||||||||||
[&](FileTest *t) { | ||||||||||||||||
AssertFunctionsHit( | ||||||||||||||||
{ | ||||||||||||||||
{kFlag_RSAZ_mod_exp_avx512_x2, | ||||||||||||||||
is_x86_64_ && | ||||||||||||||||
!is_assembler_too_old_avx512 && | ||||||||||||||||
ifma_avx512}, | ||||||||||||||||
{kFlag_RSAZ_mod_exp_avx512_x2, | ||||||||||||||||
is_x86_64_ && | ||||||||||||||||
!is_assembler_too_old_avx512 && | ||||||||||||||||
ifma_avx512}, | ||||||||||||||||
}, | ||||||||||||||||
[] { | ||||||||||||||||
uint64_t res1 = 0; | ||||||||||||||||
uint64_t base1 = 0; | ||||||||||||||||
uint64_t exp1 = 0; | ||||||||||||||||
uint64_t m1 = 0; | ||||||||||||||||
uint64_t rr1 = 0; | ||||||||||||||||
uint64_t k0_1 = 0; | ||||||||||||||||
uint64_t res2 = 0; | ||||||||||||||||
uint64_t base2 = 0; | ||||||||||||||||
uint64_t exp2 = 0; | ||||||||||||||||
uint64_t m2 = 0; | ||||||||||||||||
uint64_t rr2 = 0; | ||||||||||||||||
uint64_t k0_2 = 0; | ||||||||||||||||
int modlen = 0; | ||||||||||||||||
|
||||||||||||||||
RSAZ_mod_exp_avx512_x2(&res1, &base1, &exp1, &m1, &rr1, k0_1, | ||||||||||||||||
&res2, &base2, &exp2, &m2, &rr2, k0_2, | ||||||||||||||||
modlen); | ||||||||||||||||
[&]() { | ||||||||||||||||
BN_CTX *ctx = BN_CTX_new(); | ||||||||||||||||
BN_CTX_start(ctx); | ||||||||||||||||
bssl::UniquePtr<BIGNUM> a1 = GetBIGNUM(t, "A1"); | ||||||||||||||||
bssl::UniquePtr<BIGNUM> e1 = GetBIGNUM(t, "E1"); | ||||||||||||||||
bssl::UniquePtr<BIGNUM> m1 = GetBIGNUM(t, "M1"); | ||||||||||||||||
bssl::UniquePtr<BIGNUM> mod_exp1 = GetBIGNUM(t, "ModExp1"); | ||||||||||||||||
ASSERT_TRUE(a1); | ||||||||||||||||
ASSERT_TRUE(e1); | ||||||||||||||||
ASSERT_TRUE(m1); | ||||||||||||||||
ASSERT_TRUE(mod_exp1); | ||||||||||||||||
|
||||||||||||||||
bssl::UniquePtr<BIGNUM> a2 = GetBIGNUM(t, "A2"); | ||||||||||||||||
bssl::UniquePtr<BIGNUM> e2 = GetBIGNUM(t, "E2"); | ||||||||||||||||
bssl::UniquePtr<BIGNUM> m2 = GetBIGNUM(t, "M2"); | ||||||||||||||||
bssl::UniquePtr<BIGNUM> mod_exp2 = GetBIGNUM(t, "ModExp2"); | ||||||||||||||||
ASSERT_TRUE(a2); | ||||||||||||||||
ASSERT_TRUE(e2); | ||||||||||||||||
ASSERT_TRUE(m2); | ||||||||||||||||
ASSERT_TRUE(mod_exp2); | ||||||||||||||||
|
||||||||||||||||
bssl::UniquePtr<BIGNUM> ret1(BN_new()); | ||||||||||||||||
ASSERT_TRUE(ret1); | ||||||||||||||||
|
||||||||||||||||
bssl::UniquePtr<BIGNUM> ret2(BN_new()); | ||||||||||||||||
ASSERT_TRUE(ret2); | ||||||||||||||||
|
||||||||||||||||
ASSERT_TRUE(BN_nnmod(a1.get(), a1.get(), m1.get(), ctx)); | ||||||||||||||||
ASSERT_TRUE(BN_nnmod(a2.get(), a2.get(), m2.get(), ctx)); | ||||||||||||||||
|
||||||||||||||||
BN_MONT_CTX *mont1 = NULL; | ||||||||||||||||
BN_MONT_CTX *mont2 = NULL; | ||||||||||||||||
|
||||||||||||||||
ASSERT_TRUE(mont1 = BN_MONT_CTX_new()); | ||||||||||||||||
ASSERT_TRUE(BN_MONT_CTX_set(mont1, m1.get(), ctx)); | ||||||||||||||||
ASSERT_TRUE(mont2 = BN_MONT_CTX_new()); | ||||||||||||||||
ASSERT_TRUE(BN_MONT_CTX_set(mont2, m2.get(), ctx)); | ||||||||||||||||
|
||||||||||||||||
BN_mod_exp_mont_consttime_x2(ret1.get(), a1.get(), e1.get(), m1.get(), mont1, | ||||||||||||||||
ret2.get(), a2.get(), e2.get(), m2.get(), mont2, | ||||||||||||||||
ctx); | ||||||||||||||||
|
||||||||||||||||
BN_CTX_end(ctx); | ||||||||||||||||
BN_MONT_CTX_free(mont1); | ||||||||||||||||
BN_MONT_CTX_free(mont2); | ||||||||||||||||
|
||||||||||||||||
}); | ||||||||||||||||
}); | ||||||||||||||||
} | ||||||||||||||||
#endif // OPENSSL_X86_64 && !MY_ASSEMBLER_IS_TOO_OLD_512AVX && RSAZ_512_ENABLED | ||||||||||||||||
|
||||||||||||||||
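Review bot: the new test body never checks what `BN_mod_exp_mont_consttime_x2` computes. The return value of `BN_mod_exp_mont_consttime_x2(ret1.get(), a1.get(), e1.get(), m1.get(), mont1,` is discarded, and `mod_exp1`/`mod_exp2` are read from the `ModExp1`/`ModExp2` attributes and asserted non-null but never compared against `ret1`/`ret2`, so a wrong result from the AVX-512 path would still pass as long as the dispatch flag fires. Wrap the call in `ASSERT_TRUE(...)` and add `EXPECT_EQ(0, BN_cmp(ret1.get(), mod_exp1.get()))` (and the same for `ret2`/`mod_exp2`), or drop the unused `ModExp*` loads if correctness is deliberately left to the bn tests. Two resource issues in the same body: `BN_CTX *ctx = BN_CTX_new();` is not null-checked and there is no `BN_CTX_free(ctx)` after `BN_CTX_end(ctx)`, and because every `ASSERT_TRUE` returns out of the lambda early, `ctx`, `mont1` and `mont2` all leak on any failed assertion. Holding them in `bssl::UniquePtr<BN_CTX>` and `bssl::UniquePtr<BN_MONT_CTX>` removes the leak on both paths and the assignment-inside-assert at `ASSERT_TRUE(mont1 = BN_MONT_CTX_new());`. Minor, in `GetBIGNUM`: `(&ret)->reset(raw);` is just `ret.reset(raw);`. Note that this rendered view interleaves the old and new versions of the test without +/- markers (the `AssertFunctionsHit(` / `FileTestGTest(` pair, the repeated `kFlag_RSAZ_mod_exp_avx512_x2` entry, and the all-zero `RSAZ_mod_exp_avx512_x2(...)` call followed by the `[&]()` lambda), so the duplicated flag entry and the capture-less `[]` lambda that appears to reference `t` are display artifacts rather than new code.
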
Is there a reason the example wasn't added back? It was in the original commit, I just reworded it. I think it was a helpful illustration.