On Tuesday, May 3, 2016 at 5:09:12 AM UTC-4, Siyuan Ren wrote: > > It seems that without being compiled with the option `-march=native`, > crypto++ does not have AES-NI enabled. `-march=native`, however, generate > builds that possibly cannot be run on other CPUs. Could Crypto++ always > compile with AES-NI in, and selects whichever implementation available at > runtime? >
At this point in time, no it cannot. If GCC supports AES, then you can use `-march=native -maes` to unconditionally enable AES-NI. However, the bigger problem is the interface in the header (H file) potentially changes. That's because when AES is available, AES::Decryption adds additional symbols: #if CRYPTOPP_BOOL_AESNI_INTRINSICS_AVAILABLE size_t AdvancedProcessBlocks(const byte *inBlocks, const byte *xorBlocks, byte *outBlocks, size_t length, word32 flags) const; #endif We really need to provide a consistent header for AES, and make changes in the source (CPP file). We also need the source to provide multiple implementations (CXX and AES-NI). Then at runtime, pick the fastest implementation possible. We identified this as a potential gap, and used a different strategy with BLAKE2. See the use of s_pfn in blake2.cpp. s_pfn is a static function pointer, and it selects the fastest BLAKE2 compression function at runtime. Here's the initialization of s_pfn for the 64-bit compression function (http://github.com/weidai11/cryptopp/blob/master/blake2.cpp): pfnCompress64 InitializeCompress64Fn() { #if CRYPTOPP_BOOL_SSE4_INTRINSICS_AVAILABLE if (HasSSE4()) return &BLAKE2_SSE4_Compress64; else #endif #if CRYPTOPP_BOOL_SSE2_INTRINSICS_AVAILABLE if (HasSSE2()) return &BLAKE2_SSE2_Compress64; else #endif return &BLAKE2_CXX_Compress64; } None of this switching bleeds into a header file. Jeff -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
