Though I am not a member of the OpenSSL team, I totally agree with you. As for the AES, the Westmere CPUs have also a new instruction for the GHASH (pclmulqdq / _mm_clmulepi64_si128). This as well is only available as intrinsic or in native assembler.
So, when I offered some weeks ago a contribution regarding the GHASH for the GCM, (now with a fallback from pclmulqdq to SSE2 to native C), I was instructed that (at least inline) assembler or intrinsics are not an option for OpenSSL. > Inline assembler (or exotic intrinsics) is not considered > as viable option for MMX/SSE (or any code bigger than couple of > instructions), perlasm code is. As all major compilers for Intel CPUs support intrinsics and, if used correctly, optimize to the same instructions as direct assembler, IMHO these policies should be reconsidered to keep OpenSSL competitive. For good reasons perlasm is not an option for a company like Intel. To get a solution, I now use a self-patched version of OpenSSL with intrinsics which fulfills my and my customer's requirements. Peter-Michael -- Peter-Michael Hager - acm senior - HAGER-ELECTRONICS GmbH - Germany On Mon, 2009-09-14 and Thu, 2010-30-25 David Woodhouse via RT wrote: > I'm a little confused about the way Intel AES-NI is supported in OpenSSL > HEAD. > > This is just a feature of new CPUs, like SSE is. Yet SSE support is > directly included in the normal assembly routines for x86, while AES-NI > is implemented separately as an engine. Why is that? > > Are we slowly moving _all_ the 'special' implementations to engines, and > uncluttering the core implementations? Or are we just being > inconsistent? Or is there some distinction between the two (SSE/AESNI) > that I'm missing, which makes it sensible to treat them differently? > > For now, let's at least address the major disadvantage of the engine, > which is that it doesn't even get _used_ unless someone registers it. > > diff --git a/crypto/engine/eng_aesni.c b/crypto/engine/eng_aesni.c > index 2a997ca..91fb5b8 100644 > --- a/crypto/engine/eng_aesni.c > +++ b/crypto/engine/eng_aesni.c > @@ -106,6 +106,7 @@ void ENGINE_load_aesni (void) > return; > ENGINE_add (toadd); > ENGINE_free (toadd); > + ENGINE_register_complete (toadd); > ERR_clear_error (); > #endif > } ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
