On Thu, 10 Nov 2022 01:22:04 GMT, Volodymyr Paprotski <[email protected]> wrote:
>> Handcrafted x86_64 asm for Poly1305. Main optimization is to process 16
>> message blocks at a time. For more details, left a lot of comments in
>> `macroAssembler_x86_poly.cpp`.
>>
>> - Added new KAT test for Poly1305 and a fuzz test to compare intrinsic and
>> java.
>> - Would like to add an `InvalidKeyException` in `Poly1305.java` (see
>> commented out block in that file), but that conflicts with the KAT. I do
>> think we should detect (R==0 || S ==0) so would like advice please.
>> - Added a JMH perf test.
>> - JMH test had to use reflection (instead of existing `MacBench.java`),
>> since Poly1305 is not 'properly' registered with the provider.
>>
>> Perf before:
>>
>> Benchmark                   (dataSize)  (provider)   Mode  Cnt        Score        Error  Units
>> Poly1305DigestBench.digest          64              thrpt    8  2961300.661 ± 110554.162  ops/s
>> Poly1305DigestBench.digest         256              thrpt    8  1791912.962 ±  86696.037  ops/s
>> Poly1305DigestBench.digest        1024              thrpt    8   637413.054 ±  14074.655  ops/s
>> Poly1305DigestBench.digest       16384              thrpt    8    48762.991 ±    390.921  ops/s
>> Poly1305DigestBench.digest     1048576              thrpt    8      769.872 ±      1.402  ops/s
>>
>> and after:
>>
>> Benchmark                   (dataSize)  (provider)   Mode  Cnt        Score        Error  Units
>> Poly1305DigestBench.digest          64              thrpt    8  2841243.668 ± 154528.057  ops/s
>> Poly1305DigestBench.digest         256              thrpt    8  1662003.873 ±  95253.445  ops/s
>> Poly1305DigestBench.digest        1024              thrpt    8  1770028.718 ± 100847.766  ops/s
>> Poly1305DigestBench.digest       16384              thrpt    8   765547.287 ±  25883.825  ops/s
>> Poly1305DigestBench.digest     1048576              thrpt    8    14508.458 ±     56.147  ops/s
>
> Volodymyr Paprotski has updated the pull request incrementally with one
> additional commit since the last revision:
>
> fix windows and 32b linux builds
src/hotspot/share/opto/library_call.cpp line 6981:
> 6979:
> 6980: if (!stubAddr) return false;
> 6981: Node* polyObj = argument(0);
Minor cleanup: This could be removed as it is not used.
src/java.base/share/classes/com/sun/crypto/provider/Poly1305.java line 28:
> 26: package com.sun.crypto.provider;
> 27:
> 28: import java.lang.reflect.Field;
Minor cleanup: This could be removed.
src/java.base/share/classes/com/sun/crypto/provider/Poly1305.java line 249:
> 247: @ForceInline
> 248: @IntrinsicCandidate
> 249: private void processMultipleBlocks(byte[] input, int offset, int length, long[] aLimbs, long[] rLimbs) {
A comment here to indicate aLimbs and rLimbs are part of a and r and used in
intrinsic.
src/java.base/share/classes/com/sun/crypto/provider/Poly1305.java line 253:
> 251: n.setValue(input, offset, BLOCK_LENGTH, (byte)0x01);
> 252: a.setSum(n); // A += (temp | 0x01)
> 253: a.setProduct(r); // A = (A * R) % p
Comment needs update to match code.
-------------
PR: https://git.openjdk.org/jdk/pull/10582
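
Added example, not part of the original message or of the OpenJDK code: a Python reference model of the per-block step quoted above (A += block | 0x01, then A = (A * R) % p), of the kind an intrinsic can be cross-checked against, showing what an (R==0 || S==0) check would catch. When R clamps to zero the tag equals S for every message. The names poly1305, split_key and reject_degenerate, and the sample keys, are assumptions of this example.

```python
# Added reference model, not OpenJDK code: Poly1305 (RFC 8439) on Python ints.
P = (1 << 130) - 5                          # the prime p = 2^130 - 5
CLAMP = 0x0ffffffc0ffffffc0ffffffc0fffffff  # RFC 8439 clamp mask for R
BLOCK_LENGTH = 16


def split_key(key: bytes) -> tuple[int, int]:
    """Return (R, S): R is the clamped first half, S the second half."""
    if len(key) != 32:
        raise ValueError("Poly1305 key must be 32 bytes")
    r = int.from_bytes(key[:16], "little") & CLAMP
    s = int.from_bytes(key[16:], "little")
    return r, s


def poly1305(key: bytes, msg: bytes, reject_degenerate: bool = False) -> bytes:
    r, s = split_key(key)
    # Hypothetical check (assumption of this example): test R after clamping,
    # because a non-zero raw key half can still clamp to R == 0.
    if reject_degenerate and (r == 0 or s == 0):
        raise ValueError("degenerate Poly1305 key: R == 0 or S == 0")
    a = 0
    for off in range(0, len(msg), BLOCK_LENGTH):
        block = msg[off:off + BLOCK_LENGTH]
        n = int.from_bytes(block + b"\x01", "little")  # block with 0x01 appended
        a = a + n                                      # A += (block | 0x01)
        a = (a * r) % P                                # A = (A * R) % p
    return ((a + s) % (1 << 128)).to_bytes(16, "little")


# Constructed sample keys (not from the PR or its KAT).
S_HALF = bytes(range(1, 17))
ZERO_R_KEY = bytes(16) + S_HALF                                 # R is literally zero
CLAMPED_ZERO_KEY = bytes([0, 0, 0, 0xF0]) + bytes(12) + S_HALF  # R clamps to zero

if __name__ == "__main__":
    for key in (ZERO_R_KEY, CLAMPED_ZERO_KEY):
        tags = {poly1305(key, m) for m in (b"", b"abc", b"x" * 100)}
        print(tags == {S_HALF})  # one tag for every message: the S half itself
```
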