keccak: add asm feature; use cpufeatures on aarch64

Gates `asm` support under a crate feature.

Uses the `cpufeatures` crate to detect the presence of the `sha3`
extension for ARMv8 CPUs, automatically falling back to a software
implementation if it isn't available.

keccak/Cargo.toml

@@ -14,5 +14,9 @@ categories = ["cryptography", "no-std"]
 readme = "README.md"
 
 [features]
+asm = []       # Use optimized assembly when available (currently only ARMv8)
 no_unroll = [] # Do no unroll loops for binary size reduction
-simd = [] # Use core::simd (WARNING: requires Nigthly)
+simd = []      # Use core::simd (WARNING: requires Nigthly)
+
+[target.'cfg(target_arch = "aarch64")'.dependencies]
+cpufeatures = "0.2"

keccak/src/lib.rs

@@ -48,8 +48,13 @@ use core::{
 
 #[rustfmt::skip]
 mod unroll;
+
+#[cfg(all(target_arch = "aarch64", feature = "asm"))]
 mod aarch64_sha3;
 
+#[cfg(all(target_arch = "aarch64", feature = "asm"))]
+cpufeatures::new!(armv8_sha3_intrinsics, "sha3");
+
 const PLEN: usize = 25;
 
 const RHO: [u32; 24] = [
@@ -145,11 +150,17 @@ impl_keccak!(f200, u8);
 impl_keccak!(f400, u16);
 impl_keccak!(f800, u32);
 
-#[cfg(not(all(target_arch = "aarch64", target_feature = "sha3")))]
+#[cfg(not(all(target_arch = "aarch64", feature = "asm")))]
 impl_keccak!(f1600, u64);
 
-#[cfg(all(target_arch = "aarch64", target_feature = "sha3"))]
-pub use aarch64_sha3::keccak_f1600 as f1600;
+#[cfg(all(target_arch = "aarch64", feature = "asm"))]
+pub fn f1600(state: &mut [u64; PLEN]) {
+    if armv8_sha3_intrinsics::get() {
+        aarch64_sha3::keccak_f1600(state)
+    } else {
+        keccak_p(state, u64::KECCAK_F_ROUND_COUNT);
+    }
+}
 
 #[cfg(feature = "simd")]
 /// SIMD implementations for Keccak-f1600 sponge function