Use aesenclast to do key expansion for AES-256 rather than aeskeygenassist.
Shay Gueron gives the technique in his AES-NI whitepaper; I discovered, after implementing my own version (and looking for places to patch), that he and Vlad Krasnov had already implemented this technique in NSS. Relative speedup (key expansion microbenchmark): 1.9x Relative speedup, AES-256-GCM seal of 16B messages (BoringSSL tool/bssl speed): 1.17x This can obviously be extended to other key-lengths; but since I don't think people should be using AES-128, and no one uses AES-192, I see little point in doing so. License for patch: CC0.
0001-Speedup-AES-256-key-expansion-by-1.92x.patch
Description: Binary data
