gmcrypto_simd/lib.rs
//! SIMD backends for `gmcrypto-core` (v0.5 W4 phase 2 / v0.6 W6).
//!
//! This crate quarantines the unavoidable SIMD `unsafe` (AVX2
//! intrinsics on `x86_64`, NEON on `aarch64`) so that
//! `gmcrypto-core` itself can keep `unsafe_code = "forbid"`. The
//! posture mirrors the established [`gmcrypto-c`] precedent (FFI
//! shim with `unsafe_code = "warn"`).
//!
//! The crate exposes a small Rust-internal API surface only (no raw
//! pointers, no C ABI). It is `rlib`-only; the single C-ABI surface
//! for downstream callers remains [`gmcrypto-c`].
//!
//! # v0.5 W4 phase 2 scope
//!
//! - x86_64 AVX2 8-way packed bitsliced SM4 S-box
//!   ([`sm4::sbox_x8::sbox_x8`]), with runtime AVX2 detection via
//!   the `cpufeatures` crate and silent scalar fallback on non-AVX2
//!   CPUs. 8 input bytes occupy the low lanes of the 256-bit
//!   register; the upper 24 lanes are unused.
//!
//! # v0.6 W6 (phase 3) scope
//!
//! - x86_64 AVX2 32-byte full-width packed bitsliced S-box
//!   ([`sm4::sbox_x32::sbox_x32`]). The intended consumer is an
//!   8-block CBC-decrypt batch fanout in `gmcrypto-core` (8 SM4
//!   blocks × 4 `tau` bytes per round = 32 bytes per call, zero
//!   wasted lanes).
//! - aarch64 NEON 16-byte packed bitsliced S-box
//!   ([`sm4::sbox_x16::sbox_x16`]). NEON is the architectural
//!   baseline on aarch64 (Q5.12 / Q6.3 of the v0.5 / v0.6 scope
//!   docs); compile-time gated, no runtime detect.
//!
//! [`gmcrypto-c`]: https://docs.rs/gmcrypto-c

#![no_std]
// v0.5 W4 phase 2 / v0.6 W6 — this crate is the SIMD-intrinsic
// backend (mirroring `gmcrypto-c`'s FFI-shim posture).
// `core::arch::*` intrinsics are all `unsafe fn`, and
// `#[target_feature(enable = "...")] unsafe fn` is the only
// stable-Rust path on MSRV 1.85 to combine runtime CPU dispatch
// with intrinsic calls. Every `unsafe` block / fn declaration
// carries a `// SAFETY:` comment naming the architectural /
// runtime-detect precondition. The Cargo.toml lint
// `unsafe_code = "warn"` documents intent; this crate-level
// `allow` keeps the per-decl noise out of the review surface
// (same pattern as `gmcrypto-c`'s `src/lib.rs`).
// `gmcrypto-core` itself stays `unsafe_code = "forbid"`.
#![allow(unsafe_code)]

pub mod sm4;

mod detect;

pub use detect::has_avx2;
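
The quarantine pattern the crate comments describe (a safe wrapper, runtime AVX2 detection, a `#[target_feature]` unsafe fn with `// SAFETY:` comments, and a silent scalar fallback), shown as an added example that is not code from gmcrypto-simd. Assumptions: every function name is hypothetical, a per-byte rotate stands in for the S-box, and std's `is_x86_feature_detected!` replaces the `cpufeatures` crate so the sketch builds with std alone.

```rust
// Added example, not gmcrypto-simd source; the per-byte rotate is a stand-in for the S-box.

/// Scalar reference path; also the silent fallback on CPUs without AVX2.
pub fn rotl1_x32_scalar(input: &[u8; 32]) -> [u8; 32] {
    input.map(|b| b.rotate_left(1))
}

// SAFETY (declaration): callers must have confirmed AVX2 at runtime.
#[cfg(target_arch = "x86_64")]
#[target_feature(enable = "avx2")]
unsafe fn rotl1_x32_avx2(input: &[u8; 32]) -> [u8; 32] {
    use std::arch::x86_64::*;
    let mut out = [0u8; 32];
    // SAFETY: both buffers are exactly 32 bytes; loadu/storeu need no alignment.
    unsafe {
        let v = _mm256_loadu_si256(input.as_ptr().cast());
        // AVX2 has no 8-bit shift: shift 16-bit lanes, mask off cross-byte bits.
        let hi = _mm256_and_si256(_mm256_slli_epi16::<1>(v), _mm256_set1_epi8(0xFEu8 as i8));
        let lo = _mm256_and_si256(_mm256_srli_epi16::<7>(v), _mm256_set1_epi8(0x01));
        _mm256_storeu_si256(out.as_mut_ptr().cast(), _mm256_or_si256(hi, lo));
    }
    out
}

/// Safe entry point: runtime detection, then dispatch or fall back.
pub fn rotl1_x32(input: &[u8; 32]) -> [u8; 32] {
    #[cfg(target_arch = "x86_64")]
    {
        // Assumption: std's detection macro stands in for `cpufeatures`.
        if std::arch::is_x86_feature_detected!("avx2") {
            // SAFETY: AVX2 support was confirmed by the check above.
            return unsafe { rotl1_x32_avx2(input) };
        }
    }
    rotl1_x32_scalar(input)
}

/// Differential check: the dispatched path must match the scalar one on every byte value.
pub fn backends_agree() -> bool {
    (0..8u8).all(|chunk| {
        let v: [u8; 32] = std::array::from_fn(|i| chunk * 32 + i as u8);
        rotl1_x32(&v) == rotl1_x32_scalar(&v)
    })
}

fn main() {
    println!("backends agree: {}", backends_agree());
}
```

The differential check is the part worth keeping in CI: a silent fallback means a broken SIMD path only shows up on hosts that actually take it.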