commit 25c9e3aab9237b9d01229eb9bdb73450cc4ccfcb Merge: fcf5c92 fbec45c Author: Nick Mathewson nickm@torproject.org Date: Fri Nov 25 10:36:13 2011 -0500
Merge branch 'more_aes_hackery_rebased'
Conflicts: changes/aes_hackery
changes/aes_hackery | 10 +++ src/common/aes.c | 208 +++++++++++++++++++++++++++++++++--------------- src/common/aes.h | 2 + src/common/crypto.c | 3 + src/test/test_crypto.c | 33 +++++++- 5 files changed, 186 insertions(+), 70 deletions(-)
diff --cc changes/aes_hackery index 0000000,b22cefe..8b2ef1a mode 000000,100644..100644 --- a/changes/aes_hackery +++ b/changes/aes_hackery @@@ -1,0 -1,16 +1,10 @@@ - o Code simplification and refactoring: - - Unconditionally use OpenSSL's AES implementation instead of our - old built-in one. OpenSSL's AES has been better for a while, and - relatively few servers should still be on any version of OpenSSL - that doesn't have good optimized assembly AES. - + o Major features (AES performance): - - Use OpenSSL's EVP interface for AES encryption, so that all - AES operations can use hardware acceleration (if present). - Resolves issue #4442. - - But only use the EVP interface when AES acceleration is enabled, - to avoid a performance regression. Resolves issue #4525. + - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode + implementation; it makes AES_CTR about 7% faster than our old one + (which was about 10% faster than the one OpenSSL used to provide). + Resolves issue #4526. ++ ++ o Major bugfixes (AES performance): ++ - Only use the EVP interface when AES acceleration is enabled, ++ to avoid a 5-7% performance regression. Resolves issue #4525, ++ bugfix on 0.2.3.8-alpha.