commit c23408f69f64d41c3d5478801bb16c0603b4e43b
parent d49f5c7c03c82d4d8321f2932b19160822715ebc
Author: Jared Tobin <jared@jtobin.io>
Date: Mon, 22 Dec 2025 17:23:22 -0330
meta: add llvm flag
Diffstat:
4 files changed, 50 insertions(+), 23 deletions(-)
diff --git a/README.md b/README.md
@@ -76,30 +76,34 @@ Current benchmark figures on an M4 Silicon MacBook Air look like (use
```
benchmarking ppad-hmac-drbg/HMAC-SHA256/new
- time 10.46 μs (10.45 μs .. 10.46 μs)
+ time 2.771 μs (2.767 μs .. 2.775 μs)
1.000 R² (1.000 R² .. 1.000 R²)
- mean 10.44 μs (10.44 μs .. 10.46 μs)
- std dev 28.45 ns (19.59 ns .. 46.15 ns)
+ mean 2.768 μs (2.764 μs .. 2.772 μs)
+ std dev 12.21 ns (10.10 ns .. 14.90 ns)
benchmarking ppad-hmac-drbg/HMAC-SHA256/reseed
- time 6.917 μs (6.900 μs .. 6.934 μs)
+ time 1.777 μs (1.776 μs .. 1.778 μs)
1.000 R² (1.000 R² .. 1.000 R²)
- mean 6.908 μs (6.893 μs .. 6.921 μs)
- std dev 47.40 ns (27.59 ns .. 84.31 ns)
+ mean 1.777 μs (1.776 μs .. 1.778 μs)
+ std dev 2.260 ns (1.699 ns .. 3.099 ns)
benchmarking ppad-hmac-drbg/HMAC-SHA256/gen (32B)
- time 10.55 μs (10.52 μs .. 10.59 μs)
+ time 2.756 μs (2.753 μs .. 2.759 μs)
1.000 R² (1.000 R² .. 1.000 R²)
- mean 10.51 μs (10.50 μs .. 10.53 μs)
- std dev 44.48 ns (25.76 ns .. 78.90 ns)
+ mean 2.757 μs (2.754 μs .. 2.760 μs)
+ std dev 9.806 ns (6.361 ns .. 16.87 ns)
benchmarking ppad-hmac-drbg/HMAC-SHA256/gen (256B)
- time 36.08 μs (34.94 μs .. 37.26 μs)
- 0.996 R² (0.994 R² .. 1.000 R²)
- mean 35.30 μs (35.09 μs .. 35.96 μs)
- std dev 1.085 μs (488.0 ns .. 2.012 μs)
+ time 8.967 μs (8.959 μs .. 8.980 μs)
+ 1.000 R² (1.000 R² .. 1.000 R²)
+ mean 8.970 μs (8.965 μs .. 8.985 μs)
+ std dev 26.04 ns (12.30 ns .. 52.00 ns)
```
+You should compile with the 'llvm' flag (and ensure that
+[ppad-sha256][sh256] has been compiled with the 'llvm' flag) for
+maximum performance.
+
## Security
This library aims at the maximum security achievable in a
diff --git a/flake.lock b/flake.lock
@@ -97,16 +97,19 @@
"ppad-nixpkgs",
"nixpkgs"
],
+ "ppad-base16": [
+ "ppad-base16"
+ ],
"ppad-nixpkgs": [
"ppad-nixpkgs"
]
},
"locked": {
- "lastModified": 1737298572,
- "narHash": "sha256-iAo6GFH1FLNi0wt0FczbqPCmVzCm9gfMEjk1oakExt0=",
+ "lastModified": 1766435555,
+ "narHash": "sha256-ysN0iRuBLSQrgWU3rCFUyq0NvRpug6DTBRZSlWbmI1A=",
"ref": "master",
- "rev": "abc984dc65f0df9bd958c0bc8f390c68e660f710",
- "revCount": 87,
+ "rev": "a4c17689cd66e1ef35c667914765cb24c9a4b305",
+ "revCount": 96,
"type": "git",
"url": "git://git.ppad.tech/sha256.git"
},
@@ -128,16 +131,19 @@
"ppad-nixpkgs",
"nixpkgs"
],
+ "ppad-base16": [
+ "ppad-base16"
+ ],
"ppad-nixpkgs": [
"ppad-nixpkgs"
]
},
"locked": {
- "lastModified": 1737298660,
- "narHash": "sha256-W8wuLHRH7P5oITCXnxKEEnSD2yX1Qo7uypbxpwKvvM8=",
+ "lastModified": 1750736173,
+ "narHash": "sha256-7AGv9HktdslIaVDO8IQUMrcBewmFngHlwqEUaYsI6kw=",
"ref": "master",
- "rev": "e8ce88cafbf32900556832d3817997642f128242",
- "revCount": 21,
+ "rev": "ba7757cf61132cf3c3d79960f51ddaf4801f7aec",
+ "revCount": 30,
"type": "git",
"url": "git://git.ppad.tech/sha512.git"
},
diff --git a/flake.nix b/flake.nix
@@ -17,12 +17,14 @@
type = "git";
url = "git://git.ppad.tech/sha256.git";
ref = "master";
+ inputs.ppad-base16.follows = "ppad-base16";
inputs.ppad-nixpkgs.follows = "ppad-nixpkgs";
};
ppad-sha512 = {
type = "git";
url = "git://git.ppad.tech/sha512.git";
ref = "master";
+ inputs.ppad-base16.follows = "ppad-base16";
inputs.ppad-nixpkgs.follows = "ppad-nixpkgs";
};
flake-utils.follows = "ppad-nixpkgs/flake-utils";
@@ -38,14 +40,20 @@
pkgs = import nixpkgs { inherit system; };
hlib = pkgs.haskell.lib;
+ llvm = pkgs.llvmPackages_15.llvm;
base16 = ppad-base16.packages.${system}.default;
- sha256 = ppad-sha256.packages.${system}.default;
sha512 = ppad-sha512.packages.${system}.default;
+ sha256 = ppad-sha256.packages.${system}.default;
+ sha256-llvm =
+ hlib.addBuildTools
+ (hlib.enableCabalFlag sha256 "llvm")
+ [ llvm ];
+
hpkgs = pkgs.haskell.packages.ghc981.extend (new: old: {
ppad-base16 = base16;
- ppad-sha256 = sha256;
+ ppad-sha256 = sha256-llvm;
ppad-sha512 = sha512;
${lib} = new.callCabal2nix lib ./. {
ppad-base16 = new.ppad-base16;
@@ -69,6 +77,7 @@
buildInputs = [
cabal
cc
+ llvm
];
inputsFrom = builtins.attrValues self.packages.${system};
@@ -81,6 +90,7 @@
echo "cc: $(${cc}/bin/cc --version)"
echo "ghc: $(${ghc}/bin/ghc --version)"
echo "cabal: $(${cabal}/bin/cabal --version)"
+ echo "llc: $(${llvm}/bin/llc --version | head -2 | tail -1)"
'';
};
}
diff --git a/ppad-hmac-drbg.cabal b/ppad-hmac-drbg.cabal
@@ -14,6 +14,11 @@ description:
A pure implementation of the HMAC-DRBG CSPRNG, as specified by NIST-SP
800-90A.
+flag llvm
+ description: Use GHC's LLVM backend.
+ default: False
+ manual: True
+
source-repository head
type: git
location: git.ppad.tech/hmac-drbg.git
@@ -23,6 +28,8 @@ library
hs-source-dirs: lib
ghc-options:
-Wall
+ if flag(llvm)
+ ghc-options: -fllvm -O2
exposed-modules:
Crypto.DRBG.HMAC
build-depends:
