Breakout __ARM_FEATURE_CRYPTO into PMULL, AES and SHA for Apple Clang (Issue 362)

It appears Apple Clang disgorges carryless multiply (PMULL) from Crypto (AES and SHA). The breakout added CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE for PMULL, and retained CRYPTOPP_BOOL_ARM_CRYPTO_INTRINSICS_AVAILABLE for AES and SHA only

config.h

@@ -256,12 +256,12 @@ const lword LWORD_MAX = W64LIT(0xffffffffffffffff);
 #endif
 
 // Apple and LLVM's Clang. Apple Clang version 7.0 roughly equals LLVM Clang version 3.7
-#if defined(__clang__ ) && !defined(__apple_build_version__)
-	#define CRYPTOPP_LLVM_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__)
-	#define CRYPTOPP_CLANG_INTEGRATED_ASSEMBLER 1
-#elif defined(__clang__ ) && defined(__apple_build_version__)
+#if defined(__clang__ ) && defined(__apple_build_version__)
 	#define CRYPTOPP_APPLE_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__)
 	#define CRYPTOPP_CLANG_INTEGRATED_ASSEMBLER 1
+#elif defined(__clang__ )
+	#define CRYPTOPP_LLVM_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__)
+	#define CRYPTOPP_CLANG_INTEGRATED_ASSEMBLER 1
 #endif
 
 #ifdef _MSC_VER
@@ -491,6 +491,16 @@ NAMESPACE_END
 # endif
 #endif
 
+// Requires ARMv8 and ACLE 2.0. GCC requires 4.8 and above.
+// LLVM Clang requires 3.5. Apple Clang does not support it at the moment.
+// Microsoft plans to support ARM-64, but its not clear how to detect it.
+// TODO: Add MSC_VER and ARM-64 platform define when available
+#if !defined(CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE) && !defined(CRYPTOPP_DISABLE_ASM)
+# if defined(__ARM_FEATURE_CRYPTO) && !defined(__apple_build_version__)
+#  define CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE 1
+# endif
+#endif
+
 // Requires ARMv8 and ACLE 2.0. GCC requires 4.8 and above.
 // LLVM Clang requires 3.5. Apple Clang is unknown at the moment.
 // Microsoft plans to support ARM-64, but its not clear how to detect it.

cpu.cpp

@@ -440,7 +440,7 @@ static bool TryNEON()
 
 static bool TryPMULL()
 {
-#if (CRYPTOPP_BOOL_ARM_CRYPTO_INTRINSICS_AVAILABLE)
+#if (CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE)
 # if defined(CRYPTOPP_MS_STYLE_INLINE_ASSEMBLY)
 	volatile bool result = true;
 	__try

gcm.cpp

@@ -180,7 +180,7 @@ inline __m128i CLMUL_GF_Mul(const __m128i &x, const __m128i &h, const __m128i &r
 }
 #endif
 
-#if CRYPTOPP_BOOL_ARM_CRYPTO_INTRINSICS_AVAILABLE
+#if CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE
 
 CRYPTOPP_ALIGN_DATA(16)
 static const word64 s_clmulConstants64[] = {
@@ -240,7 +240,7 @@ void GCM_Base::SetKeyWithoutResync(const byte *userKey, size_t keylength, const
 		tableSize = s_clmulTableSizeInBlocks * REQUIRED_BLOCKSIZE;
 	}
 	else
-#elif CRYPTOPP_BOOL_ARM_CRYPTO_INTRINSICS_AVAILABLE
+#elif CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE
 	if (HasPMULL())
 	{
 		// Avoid "parameter not used" error and suppress Coverity finding
@@ -286,7 +286,7 @@ void GCM_Base::SetKeyWithoutResync(const byte *userKey, size_t keylength, const
 
 		return;
 	}
-#elif CRYPTOPP_BOOL_ARM_CRYPTO_INTRINSICS_AVAILABLE
+#elif CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE
 	if (HasPMULL())
 	{
 		const uint64x2_t r = s_clmulConstants[0];
@@ -422,7 +422,7 @@ inline void GCM_Base::ReverseHashBufferIfNeeded()
 		__m128i &x = *(__m128i *)(void *)HashBuffer();
 		x = _mm_shuffle_epi8(x, s_clmulConstants[1]);
 	}
-#elif CRYPTOPP_BOOL_ARM_CRYPTO_INTRINSICS_AVAILABLE
+#elif CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE
 	if (HasPMULL())
 	{
 		if (GetNativeByteOrder() != BIG_ENDIAN_ORDER)
@@ -572,7 +572,7 @@ size_t GCM_Base::AuthenticateBlocks(const byte *data, size_t len)
 		_mm_store_si128((__m128i *)(void *)HashBuffer(), x);
 		return len;
 	}
-#elif CRYPTOPP_BOOL_ARM_CRYPTO_INTRINSICS_AVAILABLE
+#elif CRYPTOPP_BOOL_ARM_PMULL_INTRINSICS_AVAILABLE
 	if (HasPMULL())
 	{
 		const uint64x2_t *table = (const uint64x2_t *)MulTable();