Re: [openssl-users] Does openssl pick low level interface or high level interface to do encrypt?
On Wed, Aug 09, 2017 at 01:08:47PM +, - JinsongJi wrote: > For one simple operation: openssl enc -aes-256-cbc -salt -in foo.txt -out > foo.enc > Does openssl pick classic implementation or AES-NI implementation to do this > encrypt? The enc(1) command uses the EVP API to access the requested symmetric cipher. As a result, AES-NI and the like will be used when supported by the hardware and enabled in your OpenSSL library. > Does any user/application always pick classic implementation for > AES operation regardless of AES-NI improves speed much? If the application uses EVP_get_cipherbyname() and the like, it gets the best available implementation of the cipher. If it bypasses EVP it may get a slower implementation and/or one that has less side-channel resistance. Bottom-line, use EVP. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Does openssl pick low level interface or high level interface to do encrypt?
What OpenSSL does is not necessarily obvious. The INSTALL document talks about the no-asm configuration option. Details about what the assembler code does in terms of optimization are only available by reading the source code comments in the various Perl files that generate the assembler, mostly. On x86, the assembly code uses the CPUID instruction (see the OPENSSL_ia32cap.pod manpage) to determine if various instructions (AES, SSE, MMX, etc) are available and will use them if so. For other processors, similar tests are performed if at all possible. I have added this to the FAQ -- Senior Architect, Akamai Technologies Member, OpenSSL Dev Team IM: richs...@jabber.at Twitter: RichSalz From: - JinsongJi [mailto:jjsb...@hotmail.com] Sent: Wednesday, August 09, 2017 9:09 AM To: openssl-users@openssl.org Subject: [openssl-users] Does openssl pick low level interface or high level interface to do encrypt? Hi, For one simple operation: openssl enc -aes-256-cbc -salt -in foo.txt -out foo.enc Does openssl pick classic implementation or AES-NI implementation to do this encrypt? Does any user/application always pick classic implementation for AES operation regardless of AES-NI improves speed much? Is there any document about this interface selection? Thanks, Jinsong -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Does openssl pick low level interface or high level interface to do encrypt?
Hi, For one simple operation: openssl enc -aes-256-cbc -salt -in foo.txt -out foo.enc Does openssl pick classic implementation or AES-NI implementation to do this encrypt? Does any user/application always pick classic implementation for AES operation regardless of AES-NI improves speed much? Is there any document about this interface selection? Thanks, Jinsong -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users