Search code examples
x86sha256cpythoninstruction-sethardware-acceleration

Does Python hashlib's sha256 employ the Intel SHA extensions?


Does CPython hashlib's SHA256 employ the Intel SHA extensions ? If yes, since which version(s)?

Since CPython uses OpenSSL for its crypto primitives it should also use its hardware acceleration capabilities (AESNI-SHA256 was added to OpenSSL between 1.0.1l and 1.0.2 on 22 Jan 2015), but I can't find out if and since when SHA256 hardware acceleration is used. I tried to understand the sha256module.c source but got lost in the abstractions :(

Bonus question: AFAIK, the CPython for Windows release statically links OpenSSL. When was it upgraded to a version of OpenSSL that can theoretically use SHA-NI, and: Does it use them? (Sorry, I couldn't even Google that)


Solution

  • CPython has used OpenSSL's hash primitives when available for many years.

    OpenSSL added hardware-accelerated SHA256 in 1.0.2 [22 Jan 2015]. From the changelog:

      * Support for new and upcoming Intel processors, including AVX2,
        BMI and SHA ISA extensions. This includes additional "stitched"
        implementations, AESNI-SHA256 and GCM, and multi-buffer support
        for TLS encrypt.
     
        This work was sponsored by Intel Corp.
    

    This means that CPython has supported hardware-assisted SHA256 hashing on at least some platforms since 3.5.

    In Python 3.12 CPython switched to using HACL (see the commit, with benchmark results) which improves hashing performance considerably.