On Nov 20, 2011 8:47 AM, "Watson Ladd" <[email protected]> wrote: > > So why doesn't aes.c use the same thing as is initialized in crypto.c?
Because, according to our benchmarks, on systems *without* aesni or other hardware acceleration, using the AES_* functions is actually faster than the EVP_* ones. (By about 5%.) Since the function is critical path, we want to use the fastest variant we can. I think the right solution here is going to wind up involving checking whether an AES engine is in use, and if so using EVP_, otherwise using AES_. Additionally, while our counter-mode implementation is much faster than older openssl's, it seems like openssl got a faster counter-mode implementation around 1.0.0; we should use that one instead where available. cheers, -- Nick _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
