On Wed, 2008-12-10 at 04:58 +0800, Peter Waltenberg wrote: > If you want this in the mainstream code, you'll need to detect the > capability at runtime and use your alternate code paths only if the > hardware is present. It's not even to Intels advantage if OpenSSL crashes > and burns on older Intel CPU's and most bulk users of OpenSSL (OS vendors) > won't want to mess around installing different OpenSSL versions for > different hardware. > > Autodetection is the best option if the detection overhead is reasonable - > take a look at crypto/x86_64cpuid.pl for how to do the detection logic > neatly. > There are advantages in this being present all the time/dynamically enabled > if it can be done, most users/OS vendors wouldn't bother to configure an > engine backend anyway.
Auto-detection has been implemented in patch. - In entry point of AES algorithm in crypto/aes/asm/aes-x86_64.pl, OPENSSL_ia32cap_P is checked, if corresponding bit (57) is set, branch into AES-NI based implementation. Best Regards, Huang Ying
Description: This is a digitally signed message part