From: Nick Mathewson Date: Fri, 25 Nov 2011 15:36:13 +0000 (-0500) Subject: Merge branch 'more_aes_hackery_rebased' X-Git-Tag: tor-0.2.3.9-alpha~58 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=25c9e3aab9237b9d01229eb9bdb73450cc4ccfcb;p=thirdparty%2Ftor.git Merge branch 'more_aes_hackery_rebased' Conflicts: changes/aes_hackery --- 25c9e3aab9237b9d01229eb9bdb73450cc4ccfcb diff --cc changes/aes_hackery index 0000000000,b22cefe901..8b2ef1a2e3 mode 000000,100644..100644 --- a/changes/aes_hackery +++ b/changes/aes_hackery @@@ -1,0 -1,16 +1,10 @@@ - o Code simplification and refactoring: - - Unconditionally use OpenSSL's AES implementation instead of our - old built-in one. OpenSSL's AES has been better for a while, and - relatively few servers should still be on any version of OpenSSL - that doesn't have good optimized assembly AES. - + o Major features (AES performance): - - Use OpenSSL's EVP interface for AES encryption, so that all - AES operations can use hardware acceleration (if present). - Resolves issue #4442. - - But only use the EVP interface when AES acceleration is enabled, - to avoid a performance regression. Resolves issue #4525. + - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode + implementation; it makes AES_CTR about 7% faster than our old one + (which was about 10% faster than the one OpenSSL used to provide). + Resolves issue #4526. ++ ++ o Major bugfixes (AES performance): ++ - Only use the EVP interface when AES acceleration is enabled, ++ to avoid a 5-7% performance regression. Resolves issue #4525, ++ bugfix on 0.2.3.8-alpha.