> How does it look for large input? As in many kilobytes or megabytes?
16K is all I was willing to wait for. Timing for really long blocks turns
into a memory test. The right unit is ns/byte. If that's an interesting
case, I'll hack some code to do longer blocks.
1.1.1g
AES-128 16 48
How does it look for large input? As in many kilobytes or megabytes?
Pauli
--
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations
Phone +61 7 3031 7217
Oracle Australia
> On 18 Jun 2020, at 1:18 pm, Hal Murray wrote:
>
> Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
>
> After
Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
After Kurt's improvement, with our usage patterns (48 bytes), PKEY mode on
3.0.0 takes 2x as many cycles as 1.1.1
That factor probably depends on how good the hardware AES support is in your
CPU. I think it's significantly faster in newer CPU chips.
Thanks.
> The manpage documents: The call to EVP_DigestSignFinal() internally finalizes
> a copy of the digest context. This means that calls to EVP_DigestSignUpdate()
> and EVP_DigestSignFinal() can be called later to digest and sign additional
> data.
I saw that, but couldn't figure out
On Wed, Jun 17, 2020 at 03:50:05AM -0700, Hal Murray wrote:
> levi...@openssl.org said:
> > What does surprise me, though, is that direct EVP_MAC calls would be slower
> > than going through the PKEY bridge. I would very much like to see your code
> > to see what's going on.
>
> Over on an
There are 3 cases of "structure of NULL" where the "of" should be "or".
The "NULL" is actually "B" in the pod file.
doc/man3/EVP_PKEY_CTX_new.pod
doc/man3/X509_NAME_add_entry_by_txt.pod
doc/man3/X509V3_get_d2i.pod
--
There are several bugs/typos in the example code at the end of
Thanks.
levi...@openssl.org said:
> Quick forst answer, EVP_MAC_CTX is a typedef of struct evp_mac_ctx_st, which
> you find in crypto/evp/evp_local.h. It's quite small (smaller than
> EVP_MD_CTX and EVP_PKEY_CTX):
How much space does the crypto stuff take? The idea is to do all of the setup
levi...@openssl.org said:
> What does surprise me, though, is that direct EVP_MAC calls would be slower
> than going through the PKEY bridge. I would very much like to see your code
> to see what's going on.
Over on an ntpsec list, Kurt Roeckx reported that he was still waiting...
Richard's
