AEAD: Reduce punning of architecture-specific implementations.

briansmith · briansmith · commit d300cd1c9dec · 2025-04-11T17:23:48.000-07:00
Replace the punning with separate implementations so that code coverage
can measure them better. The punning is avoided at construction of the
key objects, but not necessarily everywhere else; this is good enough
for us to see that each implementation is selected during coverage
testing, while still minimizing duplication.
diff --git a/src/aead/aes/hw.rs b/src/aead/aes/hw.rs
@@ -20,21 +20,6 @@
 
 use super::{Block, Counter, EncryptBlock, EncryptCtr32, Iv, KeyBytes, Overlapping, AES_KEY};
 use crate::{cpu, error};
-use cfg_if::cfg_if;
-
-cfg_if! {
-    if #[cfg(all(target_arch = "aarch64", target_endian = "little"))] {
-        pub(in super::super) type RequiredCpuFeatures = cpu::aarch64::Aes;
-        pub(in super::super) type OptionalCpuFeatures = ();
-    } else if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
-        use cpu::intel::{Aes, Avx, Ssse3};
-        // Some functions seem to have been written to require only SSE/SSE2
-        // but there seem to be no SSSE3-less CPUs with AES-NI, and we don't
-        // have feature detection for SSE2.
-        pub(in super::super) type RequiredCpuFeatures = (Aes, Ssse3);
-        pub(in super::super) type OptionalCpuFeatures = Avx;
-    }
-}
 
 #[derive(Clone)]
 pub struct Key {
@@ -45,22 +30,38 @@ impl Key {
     #[cfg(all(target_arch = "aarch64", target_endian = "little"))]
     pub(in super::super) fn new(
         bytes: KeyBytes<'_>,
-        _required_cpu_features: RequiredCpuFeatures,
-        _optional_cpu_features: Option<OptionalCpuFeatures>,
+        _required_cpu_features: cpu::aarch64::Aes,
+        _optional_cpu_features: Option<()>,
     ) -> Result<Self, error::Unspecified> {
         let inner = unsafe { set_encrypt_key!(aes_hw_set_encrypt_key, bytes) }?;
         Ok(Self { inner })
     }
 
-    #[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
+    #[cfg(target_arch = "x86")]
+    pub(in super::super) fn new(
+        bytes: KeyBytes<'_>,
+        _required_cpu_features: (cpu::intel::Aes, cpu::intel::Ssse3),
+        optional_cpu_features: Option<cpu::intel::Avx>,
+    ) -> Result<Self, error::Unspecified> {
+        // Ssse3 is required, but upstream only uses this if there is also Avx;
+        // presumably the base version is faster on pre-AVX CPUs.
+        let inner = if let Some(cpu::intel::Avx { .. }) = optional_cpu_features {
+            unsafe { set_encrypt_key!(aes_hw_set_encrypt_key_alt, bytes) }?
+        } else {
+            unsafe { set_encrypt_key!(aes_hw_set_encrypt_key_base, bytes) }?
+        };
+        Ok(Self { inner })
+    }
+
+    #[cfg(target_arch = "x86_64")]
     pub(in super::super) fn new(
         bytes: KeyBytes<'_>,
-        (Aes { .. }, Ssse3 { .. }): RequiredCpuFeatures,
-        optional_cpu_features: Option<OptionalCpuFeatures>,
+        _required_cpu_features: (cpu::intel::Aes, cpu::intel::Ssse3),
+        optional_cpu_features: Option<cpu::intel::Avx>,
     ) -> Result<Self, error::Unspecified> {
         // Ssse3 is required, but upstream only uses this if there is also Avx;
         // presumably the base version is faster on pre-AVX CPUs.
-        let inner = if let Some(Avx { .. }) = optional_cpu_features {
+        let inner = if let Some(cpu::intel::Avx { .. }) = optional_cpu_features {
             unsafe { set_encrypt_key!(aes_hw_set_encrypt_key_alt, bytes) }?
         } else {
             unsafe { set_encrypt_key!(aes_hw_set_encrypt_key_base, bytes) }?
diff --git a/src/aead/aes/vp.rs b/src/aead/aes/vp.rs
@@ -22,24 +22,43 @@
 use super::{Block, Counter, EncryptBlock, EncryptCtr32, Iv, KeyBytes, Overlapping, AES_KEY};
 use crate::{cpu, error};
 
-#[cfg(all(target_arch = "aarch64", target_endian = "little"))]
-type RequiredCpuFeatures = cpu::aarch64::Neon;
-
-#[cfg(all(target_arch = "arm", target_endian = "little"))]
-type RequiredCpuFeatures = cpu::arm::Neon;
-
-#[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
-pub(in super::super) type RequiredCpuFeatures = cpu::intel::Ssse3;
-
 #[derive(Clone)]
 pub(in super::super) struct Key {
     inner: AES_KEY,
 }
 
 impl Key {
+    #[cfg(all(target_arch = "aarch64", target_endian = "little"))]
+    pub(in super::super) fn new(
+        bytes: KeyBytes<'_>,
+        _cpu: cpu::aarch64::Neon,
+    ) -> Result<Self, error::Unspecified> {
+        let inner = unsafe { set_encrypt_key!(vpaes_set_encrypt_key, bytes) }?;
+        Ok(Self { inner })
+    }
+
+    #[cfg(all(target_arch = "arm", target_endian = "little"))]
+    pub(in super::super) fn new(
+        bytes: KeyBytes<'_>,
+        _cpu: cpu::arm::Neon,
+    ) -> Result<Self, error::Unspecified> {
+        let inner = unsafe { set_encrypt_key!(vpaes_set_encrypt_key, bytes) }?;
+        Ok(Self { inner })
+    }
+
+    #[cfg(target_arch = "x86")]
+    pub(in super::super) fn new(
+        bytes: KeyBytes<'_>,
+        _cpu: cpu::intel::Ssse3,
+    ) -> Result<Self, error::Unspecified> {
+        let inner = unsafe { set_encrypt_key!(vpaes_set_encrypt_key, bytes) }?;
+        Ok(Self { inner })
+    }
+
+    #[cfg(target_arch = "x86_64")]
     pub(in super::super) fn new(
         bytes: KeyBytes<'_>,
-        _cpu: RequiredCpuFeatures,
+        _cpu: cpu::intel::Ssse3,
     ) -> Result<Self, error::Unspecified> {
         let inner = unsafe { set_encrypt_key!(vpaes_set_encrypt_key, bytes) }?;
         Ok(Self { inner })
diff --git a/src/aead/aes_gcm.rs b/src/aead/aes_gcm.rs
@@ -143,12 +143,18 @@ impl DynKey {
         Ok(Self::Simd(Combo { aes_key, gcm_key }))
     }
 
-    #[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
+    #[cfg(target_arch = "x86")]
     #[inline(never)]
-    fn new_ssse3(
-        key: aes::KeyBytes,
-        cpu: aes::vp::RequiredCpuFeatures,
-    ) -> Result<Self, error::Unspecified> {
+    fn new_ssse3(key: aes::KeyBytes, cpu: cpu::intel::Ssse3) -> Result<Self, error::Unspecified> {
+        let aes_key = aes::vp::Key::new(key, cpu)?;
+        let gcm_key_value = derive_gcm_key_value(&aes_key);
+        let gcm_key = gcm::fallback::Key::new(gcm_key_value);
+        Ok(Self::Simd(Combo { aes_key, gcm_key }))
+    }
+
+    #[cfg(target_arch = "x86_64")]
+    #[inline(never)]
+    fn new_ssse3(key: aes::KeyBytes, cpu: cpu::intel::Ssse3) -> Result<Self, error::Unspecified> {
         let aes_key = aes::vp::Key::new(key, cpu)?;
         let gcm_key_value = derive_gcm_key_value(&aes_key);
         let gcm_key = gcm::fallback::Key::new(gcm_key_value);
diff --git a/src/aead/gcm/clmul.rs b/src/aead/gcm/clmul.rs
@@ -24,20 +24,35 @@ use crate::cpu;
 #[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
 use {super::UpdateBlocks, crate::polyfill::slice::AsChunks};
 
-#[cfg(all(target_arch = "aarch64", target_endian = "little"))]
-pub(in super::super) type RequiredCpuFeatures = cpu::aarch64::PMull;
-
-#[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
-pub(in super::super) type RequiredCpuFeatures = (cpu::intel::ClMul, cpu::intel::Ssse3);
-
 #[derive(Clone)]
 pub struct Key {
     h_table: HTable,
 }
 
 impl Key {
-    #[cfg_attr(target_arch = "x86_64", inline(never))]
-    pub(in super::super) fn new(value: KeyValue, _cpu: RequiredCpuFeatures) -> Self {
+    #[cfg(all(target_arch = "aarch64", target_endian = "little"))]
+    pub(in super::super) fn new(value: KeyValue, _cpu: cpu::aarch64::PMull) -> Self {
+        Self {
+            h_table: unsafe { htable_new!(gcm_init_clmul, value) },
+        }
+    }
+
+    #[cfg(target_arch = "x86")]
+    pub(in super::super) fn new(
+        value: KeyValue,
+        _cpu: (cpu::intel::ClMul, cpu::intel::Ssse3),
+    ) -> Self {
+        Self {
+            h_table: unsafe { htable_new!(gcm_init_clmul, value) },
+        }
+    }
+
+    #[cfg(target_arch = "x86_64")]
+    #[inline(never)]
+    pub(in super::super) fn new(
+        value: KeyValue,
+        _cpu: (cpu::intel::ClMul, cpu::intel::Ssse3),
+    ) -> Self {
         Self {
             h_table: unsafe { htable_new!(gcm_init_clmul, value) },
         }
diff --git a/src/aead/gcm/neon.rs b/src/aead/gcm/neon.rs
@@ -20,19 +20,21 @@
 use super::{HTable, KeyValue, UpdateBlock, UpdateBlocks, Xi, BLOCK_LEN};
 use crate::{cpu, polyfill::slice::AsChunks};
 
-#[cfg(all(target_arch = "aarch64", target_endian = "little"))]
-pub(in super::super) type RequiredCpuFeatures = cpu::aarch64::Neon;
-
-#[cfg(all(target_arch = "arm", target_endian = "little"))]
-pub(in super::super) type RequiredCpuFeatures = cpu::arm::Neon;
-
 #[derive(Clone)]
 pub struct Key {
     h_table: HTable,
 }
 
 impl Key {
-    pub(in super::super) fn new(value: KeyValue, _cpu: RequiredCpuFeatures) -> Self {
+    #[cfg(all(target_arch = "aarch64", target_endian = "little"))]
+    pub(in super::super) fn new(value: KeyValue, _cpu: cpu::aarch64::Neon) -> Self {
+        Self {
+            h_table: unsafe { htable_new!(gcm_init_neon, value) },
+        }
+    }
+
+    #[cfg(all(target_arch = "arm", target_endian = "little"))]
+    pub(in super::super) fn new(value: KeyValue, _cpu: cpu::arm::Neon) -> Self {
         Self {
             h_table: unsafe { htable_new!(gcm_init_neon, value) },
         }
