[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-25 Thread Gregory P. Smith
Gregory P. Smith added the comment: The processor capabilities vector is not the API you want. What you want is an API to ask the ssl library about characteristics of algorithm implementations it will be using. Those are not the same thing. If we want to expose processor capabilities as a

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-25 Thread Antoine Pitrou
Antoine Pitrou added the comment: If we wanted to expose such information, we would need to do it in a dedicated module (or in `os`) and provide something that doesn't restrict itself to two particular x86 flags. requests can rely on a private attribute if they really want to.

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-25 Thread Christian Heimes
Christian Heimes added the comment: Why? Other libraries like requests like to use the information, too.

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-25 Thread Antoine Pitrou
Antoine Pitrou added the comment: The constants would have to be private, too. We really don't want to encourage other users to rely on them.

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-25 Thread Christian Heimes
Christian Heimes added the comment: GPS, sure it is simple enough under Linux. But what about other operating systems? OPENSSL_ia32cap_loc() works under Windows, too. Antoine, AES-GCM is still faster and performs better than ChaCha20 Poly1305. NSS and Mozilla's recommended cipher suite list

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-22 Thread Antoine Pitrou
Antoine Pitrou added the comment: I still think it's a slippery slope to include such specialized APIs that most people don't know what to make of. This reminds me of `RAND_egd()`. If ChaCha20-Poly1305 is always /at least/ as secure as AES-GCM (and sometimes more), then we should simply

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-22 Thread Alex Gaynor
Alex Gaynor added the comment: In this case, performance is security. Both AES-GCM and ChaCha20-Poly1305 are secure. Modulo one thing: GCM in software is hard to implement in constant-time, so it's strongly preferable to use it only when there's a hardware implementation. It works out nicely

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-22 Thread Antoine Pitrou
Antoine Pitrou added the comment: Agreed with Gregory. I'm also surprised you consider selecting a cipher suite based on performance considerations rather than security. I'm not sure that's something we want to promote. (btw, AES speed is usually not a critical factor except in very specific

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-16 Thread Gregory P. Smith
Gregory P. Smith added the comment: This is very architecture specific and focused on low level information that you can also already get from places like /proc/cpuinfo on Linux. Also, regardless of what capability bits a CPU exposes that has nothing to do with what accelerations the

[issue27768] ssl: add public API for IA-32 processor capabilities vector

2016-08-15 Thread Christian Heimes
New submission from Christian Heimes: OpenSSL has a function called OPENSSL_ia32cap_loc() to get the processor's capability vector in X86 and X86_64 systems. The information is useful to decide which cipher suite to prefer. For example on machines without AES-NI and CLMUL CPU instructions,