Sync with upstream master

GNUmakefile

@@ -416,6 +416,9 @@ endif # No ASM
 
 # Undefined Behavior Sanitizer (UBsan) testing. Issue 'make ubsan'.
 ifeq ($(findstring ubsan,$(MAKECMDGOALS)),ubsan)
+CXXFLAGS := $(CXXFLAGS:-g%=-g3)
+CXXFLAGS := $(CXXFLAGS:-O%=-O1)
+CXXFLAGS := $(CXXFLAGS:-xO%=-xO1)
 ifeq ($(findstring -fsanitize=undefined,$(CXXFLAGS)),)
 CXXFLAGS += -fsanitize=undefined
 endif # CXXFLAGS
@@ -426,6 +429,9 @@ endif # UBsan
 
 # Address Sanitizer (Asan) testing. Issue 'make asan'.
 ifeq ($(findstring asan,$(MAKECMDGOALS)),asan)
+CXXFLAGS := $(CXXFLAGS:-g%=-g3)
+CXXFLAGS := $(CXXFLAGS:-O%=-O1)
+CXXFLAGS := $(CXXFLAGS:-xO%=-xO1)
 ifeq ($(findstring -fsanitize=address,$(CXXFLAGS)),)
 CXXFLAGS += -fsanitize=address
 endif # CXXFLAGS

TestScripts/cryptest.sh

@@ -250,8 +250,9 @@ if [[ ("$SUNCC_510_OR_ABOVE" -ne "0") ]]; then
 	HAVE_OFAST=0
 fi
 
+# GCC compile farm is mounted RO
 if [[ (-z "$TMPDIR") ]]; then
-	if [[ (-d "/tmp") ]]; then
+	if [[ (-d "/tmp") ]] && [[ `touch "/tmp/ok-to-delete" &>/dev/null` ]]; then
 		TMPDIR=/tmp
 	elif [[ (-d "/temp") ]]; then
 		TMPDIR=/temp
@@ -263,6 +264,9 @@ if [[ (-z "$TMPDIR") ]]; then
 	fi
 fi
 
+# Make temp if it does not exist
+mkdir -p "$TMPDIR" &>/dev/null
+
 # Sun Studio does not allow '-x c++'. Copy it here...
 rm -f adhoc.cpp > /dev/null 2>&1
 cp adhoc.cpp.proto adhoc.cpp
@@ -1382,6 +1386,44 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		fi
 	fi
 
+	############################################
+	# X86 CRC32 code generation
+
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -msse4.2 adhoc.cpp -o "$TMPDIR/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_CRC32=1
+	fi
+
+	if [[ ("$X86_CRC32" -ne "0") ]]; then
+		echo
+		echo "************************************" | tee -a "$TEST_RESULTS"
+		echo "Testing: X86 CRC32 code generation" | tee -a "$TEST_RESULTS"
+		echo
+
+		OBJFILE=crc.o; rm -f "$OBJFILE" 2>/dev/null
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+
+		COUNT=0
+		FAILED=0
+		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
+
+		COUNT=$(echo -n "$DISASS_TEXT" | "$GREP" -i -c crc32l)
+		if [[ ("$COUNT" -eq "0") ]]; then
+			FAILED=1
+			echo "ERROR: failed to generate crc32l instruction" | tee -a "$TEST_RESULTS"
+		fi
+
+		COUNT=$(echo -n "$DISASS_TEXT" | "$GREP" -i -c crc32b)
+		if [[ ("$COUNT" -eq "0") ]]; then
+			FAILED=1
+			echo "ERROR: failed to generate crc32b instruction" | tee -a "$TEST_RESULTS"
+		fi
+
+		if [[ ("$FAILED" -eq "0") ]]; then
+			echo "Verified crc32l and crc32b machine instructions" | tee -a "$TEST_RESULTS"
+		fi
+	fi
+
 	############################################
 	# X86 SHA code generation
 

cryptest.sh

@@ -250,8 +250,9 @@ if [[ ("$SUNCC_510_OR_ABOVE" -ne "0") ]]; then
 	HAVE_OFAST=0
 fi
 
+# GCC compile farm is mounted RO
 if [[ (-z "$TMPDIR") ]]; then
-	if [[ (-d "/tmp") ]]; then
+	if [[ (-d "/tmp") ]] && [[ `touch "/tmp/ok-to-delete" &>/dev/null` ]]; then
 		TMPDIR=/tmp
 	elif [[ (-d "/temp") ]]; then
 		TMPDIR=/temp
@@ -263,6 +264,9 @@ if [[ (-z "$TMPDIR") ]]; then
 	fi
 fi
 
+# Make temp if it does not exist
+mkdir -p "$TMPDIR" &>/dev/null
+
 # Sun Studio does not allow '-x c++'. Copy it here...
 rm -f adhoc.cpp > /dev/null 2>&1
 cp adhoc.cpp.proto adhoc.cpp
@@ -1382,6 +1386,44 @@ if [[ ("$HAVE_DISASS" -ne "0" && ("$IS_X86" -ne "0" || "$IS_X64" -ne "0")) ]]; t
 		fi
 	fi
 
+	############################################
+	# X86 CRC32 code generation
+
+	"$CXX" -DCRYPTOPP_ADHOC_MAIN -msse4.2 adhoc.cpp -o "$TMPDIR/adhoc.exe" > /dev/null 2>&1
+	if [[ "$?" -eq "0" ]]; then
+		X86_CRC32=1
+	fi
+
+	if [[ ("$X86_CRC32" -ne "0") ]]; then
+		echo
+		echo "************************************" | tee -a "$TEST_RESULTS"
+		echo "Testing: X86 CRC32 code generation" | tee -a "$TEST_RESULTS"
+		echo
+
+		OBJFILE=crc.o; rm -f "$OBJFILE" 2>/dev/null
+		CXX="$CXX" CXXFLAGS="$RELEASE_CXXFLAGS -DDISABLE_NATIVE_ARCH=1 -msse -msse2" "$MAKE" "${MAKEARGS[@]}" $OBJFILE 2>&1 | tee -a "$TEST_RESULTS"
+
+		COUNT=0
+		FAILED=0
+		DISASS_TEXT=$("$DISASS" "${DISASSARGS[@]}" "$OBJFILE" 2>/dev/null)
+
+		COUNT=$(echo -n "$DISASS_TEXT" | "$GREP" -i -c crc32l)
+		if [[ ("$COUNT" -eq "0") ]]; then
+			FAILED=1
+			echo "ERROR: failed to generate crc32l instruction" | tee -a "$TEST_RESULTS"
+		fi
+
+		COUNT=$(echo -n "$DISASS_TEXT" | "$GREP" -i -c crc32b)
+		if [[ ("$COUNT" -eq "0") ]]; then
+			FAILED=1
+			echo "ERROR: failed to generate crc32b instruction" | tee -a "$TEST_RESULTS"
+		fi
+
+		if [[ ("$FAILED" -eq "0") ]]; then
+			echo "Verified crc32l and crc32b machine instructions" | tee -a "$TEST_RESULTS"
+		fi
+	fi
+
 	############################################
 	# X86 SHA code generation
 

rijndael.cpp

@@ -92,6 +92,10 @@ NAMESPACE_BEGIN(CryptoPP)
 # define MAYBE_CONST const
 #endif
 
+// Clang __m128i casts
+#define M128I_CAST(x) ((__m128i *)(void *)(x))
+#define CONST_M128I_CAST(x) ((const __m128i *)(const void *)(x))
+
 #if defined(CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS) || defined(CRYPTOPP_ALLOW_RIJNDAEL_UNALIGNED_DATA_ACCESS)
 # if (CRYPTOPP_BOOL_SSE2_ASM_AVAILABLE || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_RIJNDAEL_ASM)
 namespace rdtable {CRYPTOPP_ALIGN_DATA(16) word64 Te[256+2];}

seal.cpp

@@ -38,12 +38,8 @@ word32 SEAL_Gamma::Apply(word32 i)
 	word32 shaIndex = i/5;
 	if (shaIndex != lastIndex)
 	{
-#if CRYPTOPP_SHANI_AVAILABLE
-		D[0] = ConditionalByteReverse(HasSHA() ? BIG_ENDIAN_ORDER : LITTLE_ENDIAN_ORDER, shaIndex);
-#else
-		D[0] = shaIndex;
-#endif
 		memcpy(Z, H, 20);
+		D[0] = shaIndex;
 		SHA1::Transform(Z, D);
 		lastIndex = shaIndex;
 	}

sha.h

@@ -2,7 +2,8 @@
 
 //! \file sha.h
 //! \brief Classes for SHA-1 and SHA-2 family of message digests
-//! \since SHA1 since Crypto++ 1.0, SHA2 since Crypto++ 4.0, Intel SHA extensions since Crypto++ 6.0
+//! \since SHA1 since Crypto++ 1.0, SHA2 since Crypto++ 4.0,
+//!   ARM SHA since Crypto++ 6.0, Intel SHA since Crypto++ 6.0
 
 #ifndef CRYPTOPP_SHA_H
 #define CRYPTOPP_SHA_H
@@ -38,21 +39,20 @@ public:
 	//! \param digest the state of the hash
 	//! \param data the data to be digested
 	//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
-	//!    <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or
-	//!    updated state.
+	//!   <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
+	//!   or updated state.
 	//! \details Hashes which derive from IteratedHashWithStaticTransform provide static
 	//!   member functions InitState and Transform. External classes, like SEAL and MDC,
 	//!   can initialize state with a user provided key and operate the hash on the data
 	//!   with the user supplied state.
 	//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
-	static void CRYPTOPP_API Transform(word32 *digest, const word32 *data);
+	static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data);
 	//! \brief The algorithm name
 	//! \returns C-style string "SHA-1"
 	CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-1";}
 
-#if CRYPTOPP_SHANI_AVAILABLE
-	size_t HashMultipleBlocks(const word32 *input, size_t length);
-#endif
+protected:
+	size_t HashMultipleBlocks(const HashWordType *input, size_t length);
 };
 
 //! \class SHA256
@@ -75,21 +75,20 @@ public:
 	//! \param digest the state of the hash
 	//! \param data the data to be digested
 	//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
-	//!    <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or
-	//!    updated state.
+	//!   <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
+	//!   or updated state.
 	//! \details Hashes which derive from IteratedHashWithStaticTransform provide static
 	//!   member functions InitState and Transform. External classes, like SEAL and MDC,
 	//!   can initialize state with a user provided key and operate the hash on the data
 	//!   with the user supplied state.
 	//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
-	static void CRYPTOPP_API Transform(word32 *digest, const word32 *data);
+	static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data);
 	//! \brief The algorithm name
 	//! \returns C-style string "SHA-256"
 	CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-256";}
 
-#if (defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X32_ASM_AVAILABLE) || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_SHA_ASM)
-	size_t HashMultipleBlocks(const word32 *input, size_t length);
-#endif
+protected:
+	size_t HashMultipleBlocks(const HashWordType *input, size_t length);
 };
 
 //! \class SHA224
@@ -112,21 +111,20 @@ public:
 	//! \param digest the state of the hash
 	//! \param data the data to be digested
 	//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
-	//!    <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or
-	//!    updated state.
+	//!   <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
+	//!   or updated state.
 	//! \details Hashes which derive from IteratedHashWithStaticTransform provide static
 	//!   member functions InitState and Transform. External classes, like SEAL and MDC,
 	//!   can initialize state with a user provided key and operate the hash on the data
 	//!   with the user supplied state.
 	//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
-	static void CRYPTOPP_API Transform(word32 *digest, const word32 *data) {SHA256::Transform(digest, data);}
+	static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data) {SHA256::Transform(digest, data);}
 	//! \brief The algorithm name
 	//! \returns C-style string "SHA-224"
 	CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-224";}
 
-#if (defined(CRYPTOPP_X86_ASM_AVAILABLE) || defined(CRYPTOPP_X32_ASM_AVAILABLE) || defined(CRYPTOPP_X64_MASM_AVAILABLE)) && !defined(CRYPTOPP_DISABLE_SHA_ASM)
-	size_t HashMultipleBlocks(const word32 *input, size_t length);
-#endif
+protected:
+	size_t HashMultipleBlocks(const HashWordType *input, size_t length);
 };
 
 //! \class SHA512
@@ -149,14 +147,14 @@ public:
 	//! \param digest the state of the hash
 	//! \param data the data to be digested
 	//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
-	//!    <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or
-	//!    updated state.
+	//!   <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
+	//!   or updated state.
 	//! \details Hashes which derive from IteratedHashWithStaticTransform provide static
 	//!   member functions InitState and Transform. External classes, like SEAL and MDC,
 	//!   can initialize state with a user provided key and operate the hash on the data
 	//!   with the user supplied state.
 	//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
-	static void CRYPTOPP_API Transform(word64 *digest, const word64 *data);
+	static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data);
 	//! \brief The algorithm name
 	//! \returns C-style string "SHA-512"
 	CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-512";}
@@ -182,14 +180,14 @@ public:
 	//! \param digest the state of the hash
 	//! \param data the data to be digested
 	//! \details Transform operates the hash on <tt>data</tt>. When the call is invoked
-	//!    <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash or
-	//!    updated state.
+	//!   <tt>digest</tt> holds initial state. Upon return <tt>digest</tt> holds the hash
+	//!   or updated state.
 	//! \details Hashes which derive from IteratedHashWithStaticTransform provide static
 	//!   member functions InitState and Transform. External classes, like SEAL and MDC,
 	//!   can initialize state with a user provided key and operate the hash on the data
 	//!   with the user supplied state.
 	//! \note On Intel platforms the state array and data must be 16-byte aligned for SSE2.
-	static void CRYPTOPP_API Transform(word64 *digest, const word64 *data) {SHA512::Transform(digest, data);}
+	static void CRYPTOPP_API Transform(HashWordType *digest, const HashWordType *data) {SHA512::Transform(digest, data);}
 	//! \brief The algorithm name
 	//! \returns C-style string "SHA-384"
 	CRYPTOPP_STATIC_CONSTEXPR const char* CRYPTOPP_API StaticAlgorithmName() {return "SHA-384";}

x64dll.asm

@@ -676,7 +676,7 @@ ret
 GCM_AuthenticateBlocks_64K ENDP
 
 ALIGN   8
-SHA256_HashBlocks_SSE2	PROC FRAME
+SHA256_SSE_HashMultipleBlocks	PROC FRAME
 rex_push_reg rsi
 push_reg rdi
 push_reg rbx
@@ -1962,7 +1962,7 @@ pop		rbx
 pop		rdi
 pop		rsi
 ret
-SHA256_HashBlocks_SSE2 ENDP
+SHA256_SSE_HashMultipleBlocks ENDP
 
 _TEXT ENDS
 END