diff options
| author | jsing <> | 2025-04-18 13:19:39 +0000 |
|---|---|---|
| committer | jsing <> | 2025-04-18 13:19:39 +0000 |
| commit | 710fa3f5ab1ebef2c8c4b9bfdefe9a64dbaef0e5 (patch) | |
| tree | b3eaa246bba788deea85c0a511d862e9dff8c4ef /src/lib/libcrypto/arch | |
| parent | 13b88abbff8693fa18aa2a4927fb72fc131d5bf5 (diff) | |
| download | openbsd-710fa3f5ab1ebef2c8c4b9bfdefe9a64dbaef0e5.tar.gz openbsd-710fa3f5ab1ebef2c8c4b9bfdefe9a64dbaef0e5.tar.bz2 openbsd-710fa3f5ab1ebef2c8c4b9bfdefe9a64dbaef0e5.zip | |
Remove BS-AES and VP-AES from EVP.
The bitsliced and vector permutation AES implementations were created
around 2009, in attempts to speed up AES on Intel hardware. Both require
SSSE3 which existed from around 2006. Intel introduced AES-NI in 2008 and
a large percentage of Intel/AMD CPUs made in the last 15 years include it.
AES-NI is significantly faster and requires less code.
Furthermore, the BS-AES and VP-AES implementations are wired directly into
EVP (as is AES-NI currently), which means that any consumers of the AES_*
API are not able to benefit from acceleration. Removing these greatly
simplifies the EVP AES code - if you just happen to have a CPU that
supports SSSE3 but not AES-NI, then you'll now use the regular AES assembly
implementations instead.
ok kettenis@ tb@
Diffstat (limited to 'src/lib/libcrypto/arch')
| -rw-r--r-- | src/lib/libcrypto/arch/amd64/Makefile.inc | 6 | ||||
| -rw-r--r-- | src/lib/libcrypto/arch/i386/Makefile.inc | 4 |
2 files changed, 2 insertions, 8 deletions
diff --git a/src/lib/libcrypto/arch/amd64/Makefile.inc b/src/lib/libcrypto/arch/amd64/Makefile.inc index b1a6563931..b03aad782f 100644 --- a/src/lib/libcrypto/arch/amd64/Makefile.inc +++ b/src/lib/libcrypto/arch/amd64/Makefile.inc | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: Makefile.inc,v 1.37 2025/02/14 12:01:58 jsing Exp $ | 1 | # $OpenBSD: Makefile.inc,v 1.38 2025/04/18 13:19:39 jsing Exp $ |
| 2 | 2 | ||
| 3 | # amd64-specific libcrypto build rules | 3 | # amd64-specific libcrypto build rules |
| 4 | 4 | ||
| @@ -10,10 +10,6 @@ SRCS += crypto_cpu_caps.c | |||
| 10 | # aes | 10 | # aes |
| 11 | CFLAGS+= -DAES_ASM | 11 | CFLAGS+= -DAES_ASM |
| 12 | SSLASM+= aes aes-x86_64 | 12 | SSLASM+= aes aes-x86_64 |
| 13 | CFLAGS+= -DBSAES_ASM | ||
| 14 | SSLASM+= aes bsaes-x86_64 | ||
| 15 | CFLAGS+= -DVPAES_ASM | ||
| 16 | SSLASM+= aes vpaes-x86_64 | ||
| 17 | SSLASM+= aes aesni-x86_64 | 13 | SSLASM+= aes aesni-x86_64 |
| 18 | # bn | 14 | # bn |
| 19 | CFLAGS+= -DOPENSSL_IA32_SSE2 | 15 | CFLAGS+= -DOPENSSL_IA32_SSE2 |
diff --git a/src/lib/libcrypto/arch/i386/Makefile.inc b/src/lib/libcrypto/arch/i386/Makefile.inc index 6989b35686..4bcf8e2bbc 100644 --- a/src/lib/libcrypto/arch/i386/Makefile.inc +++ b/src/lib/libcrypto/arch/i386/Makefile.inc | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: Makefile.inc,v 1.27 2025/02/14 12:01:58 jsing Exp $ | 1 | # $OpenBSD: Makefile.inc,v 1.28 2025/04/18 13:19:39 jsing Exp $ |
| 2 | 2 | ||
| 3 | # i386-specific libcrypto build rules | 3 | # i386-specific libcrypto build rules |
| 4 | 4 | ||
| @@ -10,8 +10,6 @@ SRCS += crypto_cpu_caps.c | |||
| 10 | # aes | 10 | # aes |
| 11 | CFLAGS+= -DAES_ASM | 11 | CFLAGS+= -DAES_ASM |
| 12 | SSLASM+= aes aes-586 | 12 | SSLASM+= aes aes-586 |
| 13 | CFLAGS+= -DVPAES_ASM | ||
| 14 | SSLASM+= aes vpaes-x86 | ||
| 15 | SSLASM+= aes aesni-x86 | 13 | SSLASM+= aes aesni-x86 |
| 16 | # bn | 14 | # bn |
| 17 | CFLAGS+= -DOPENSSL_IA32_SSE2 | 15 | CFLAGS+= -DOPENSSL_IA32_SSE2 |