Use sha2 to calculate SHA256

[ahollmann]

crypto-hash seems to be unmaintained (last real commit on Feb 27, 2020) and forces duplicate crates due to outdated dependencies.

Minimal change to replace crypto-hash by sha2.

This was already attempted in #4545 (back in 2017).

[rustbot]

Thanks for the pull request, and welcome! The Rust team is excited to review your changes, and you should hear from @ehuss (or someone else) soon.

Please see the contribution instructions for more information. Namely, in order to ensure the minimum review times lag, PR authors and assigned reviewers should ensure that the review label (S-waiting-on-review and S-waiting-on-author) stays updated, invoking these commands when appropriate:

• @rustbot author: the review is finished, PR author should check the comments and take action accordingly
• @rustbot review: the author is ready for a review, this PR will be queued again in the reviewer's queue

[ehuss]

Thanks! Have you done any performance profiling? An example might be vendoring something large like the rust repo.

[weihanglo]

You may also need to bump the version of cargo-util in crates/cargo-util/Cargo.toml. "0.2.4" is a good candidate as there seems no SemVer breaking change.

[ahollmann]

Results for /usr/bin/time --verbose cargo vendor

I can do more in depth performance profiling later.

        Command being timed: "/home/aeh/git/cargo/target/release/cargo vendor"
        User time (seconds): 1.40
        System time (seconds): 2.28
        Percent of CPU this job got: 97%
        Elapsed (wall clock) time (h:mm:ss or m:ss): 0:03.77
        Average shared text size (kbytes): 0
        Average unshared data size (kbytes): 0
        Average stack size (kbytes): 0
        Average total size (kbytes): 0
        Maximum resident set size (kbytes): 64116
        Average resident set size (kbytes): 0
        Major (requiring I/O) page faults: 0
        Minor (reclaiming a frame) page faults: 8279
        Voluntary context switches: 2657
        Involuntary context switches: 158
        Swaps: 0
        File system inputs: 128
        File system outputs: 2286976
        Socket messages sent: 0
        Socket messages received: 0
        Signals delivered: 0
        Page size (bytes): 4096
        Exit status: 0

        Command being timed: "cargo vendor"
        User time (seconds): 1.35
        System time (seconds): 2.44
        Percent of CPU this job got: 97%
        Elapsed (wall clock) time (h:mm:ss or m:ss): 0:03.91
        Average shared text size (kbytes): 0
        Average unshared data size (kbytes): 0
        Average stack size (kbytes): 0
        Average total size (kbytes): 0
        Maximum resident set size (kbytes): 58688
        Average resident set size (kbytes): 0
        Major (requiring I/O) page faults: 8
        Minor (reclaiming a frame) page faults: 11106
        Voluntary context switches: 2862
        Involuntary context switches: 259
        Swaps: 0
        File system inputs: 5744
        File system outputs: 2304416
        Socket messages sent: 0
        Socket messages received: 0
        Signals delivered: 0
        Page size (bytes): 4096
        Exit status: 0

hyperfine output for cargo using cargo crypto-hash vs. cargo using sha2

hyperfine --warmup 1 --export-markdown cargo-profile.md '~/cargo-profiling/cargo-crypto-hash vendor' '~/cargo-profiling/cargo-sha2 vendor' 
Benchmark 1: ~/cargo-profiling/cargo-crypto-hash vendor
  Time (mean ± σ):      4.814 s ±  0.096 s    [User: 1.752 s, System: 2.981 s]
  Range (min … max):    4.626 s …  5.005 s    10 runs
 
Benchmark 2: ~/cargo-profiling/cargo-sha2 vendor
  Time (mean ± σ):      4.759 s ±  0.057 s    [User: 1.711 s, System: 2.967 s]
  Range (min … max):    4.698 s …  4.852 s    10 runs
 
Summary
  '~/cargo-profiling/cargo-sha2 vendor' ran
    1.01 ± 0.02 times faster than '~/cargo-profiling/cargo-crypto-hash vendor'

Hotspot profile with perf record/report : Time taken in cargo_util::sha256::Sha256::update

perf record --call-graph dwarf ~/cargo-profiling/cargo-crypto-hash-debug vendor

• 10.74% 0.00% cargo-crypto-ha cargo-crypto-hash-debug [.] cargo_util::sha256::Sha256::update

perf record --call-graph dwarf ~/cargo-profiling/cargo-sha2-debug vendor

• 11.33% 0.01% cargo-sha2-debu cargo-sha2-debug [.] cargo_util::sha256::Sha256::update

[ahollmann]

Performance seems to be nearly the same at least on my system (Linux x86_64).

I can provide more performance data if you need it.

[arlosi]

I think this whole function can be simplified to avoid the copy:

self.0.finalize_reset().into()

[ahollmann]

Thanks! Done.

[arlosi]

Thanks! Perf is not impacted and Cargo already depends on sha2.

@bors r+

[bors]

📌 Commit 2f0ecf5 has been approved by arlosi

It is now in the queue for this repository.

[bors]

⌛ Testing commit 2f0ecf5 with merge 137c2e1...

[bors]

☀️ Test successful - checks-actions
Approved by: arlosi
Pushing 137c2e1 to master...