This PR adds ARMv8.4 cpu feature detection support. Previously we only needed ARMv8.1 and things were much easier. For example, ARMv8.1 `__ARM_FEATURE_CRYPTO` meant PMULL, AES, SHA-1 and SHA-256 were available. ARMv8.4 `__ARM_FEATURE_CRYPTO` means PMULL, AES, SHA-1, SHA-256, SHA-512, SHA-3, SM3 and SM4 are available.
We still use the same pattern as before. We make something available based on compiler version and/or preprocessor macros. But this time around we had to tighten things up a bit to ensure ARMv8.4 did not cross-pollinate down into ARMv8.1.
ARMv8.4 is largely untested at the moment. There is no hardware in the field and CI lacks QEMU with the relevant patches/support. We will probably have to revisit some of this stuff in the future.
Since this update applies to ARM gadgets we took the time to expand Android and iOS testing on Travis. Travis now tests more platforms, and includes Autotools and CMake builds, too.
Scrypt performance jumps as expected. For example, on a machine with 4 logical cores:
$ time OMP_NUM_THREADS=1 ./test.exe
Threads: 1
Key: DCF073537D25A10C9733...
real 0m17.959s
user 0m16.165s
sys 0m1.759s
$ time OMP_NUM_THREADS=4 ./test.exe
Threads: 4
Key: B37A0127DBE178ED604F...
real 0m4.488s
user 0m15.391s
sys 0m1.981s
Travis is having infrastructure problems since it migrated in November 2017. Our OS X and iOS tests hang for days. When the current job hangs, new jobs that enter the queue later hang too because the original job is still waiting.
The subsequent hangs affect Android and Linux, too. Our Travis scripts test Android, Linux, OS X and iOS. A hang affects everything.
We are going to disable Travis OS X and iOS tests until things improve.
Fix environment setup for Android to match the new unified headers.
Adjust the Makefile accordingly.
Updated the test scripts and Travis to test these changes.
This check-in adds three additional functions for backwards compatibility: crypto_box_unchecked, crypto_box_open_unchecked and crypto_box_beforenm_unchecked. The functions can be used for interoperability with downlevel clients, like old versions of NaCl and libsodium. It should also help some cryptocurrencies, like Bitcoin, Ethereum, Monero and Zcash.
Also see https://eprint.iacr.org/2017/806.pdf (low order element attack) and https://github.com/jedisct1/libsodium/issues/662 (Zcash break).