>> So if you directly use the AES API you used to have a little better >> performance, >> but now you don't get the AES-NI support and so are a factor slower when >> using it. >> >> Is this the normal and expected behaviour? > > I hope this isn't true. If it is, it means applications like OpenSSH > that directly use the cipher APIs in OpenSSL will not get the benefit > of AES-NI.
objdump -T /usr/bin/ssh | grep -i AES 00000000 DF *UND* 00000000 AES_encrypt 00000000 DF *UND* 00000000 EVP_aes_192_cbc 00000000 DF *UND* 00000000 EVP_aes_256_cbc 00000000 DF *UND* 00000000 AES_set_encrypt_key 00000000 DF *UND* 00000000 EVP_aes_128_cbc 000xxxxx g DF .text 000xxxxx Base evp_aes_128_ctr OpenSSH does use EVP and benefits from AES-NI. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
