[PATCH] Use Intel AES instruction set if it exists.

Andreas Schneider asn at samba.org
Fri Sep 1 19:51:05 UTC 2017

On Friday, 1 September 2017 21:12:08 CEST Jeremy Allison via samba-technical 
> On Fri, Sep 01, 2017 at 10:05:18AM -0700, Jeremy Allison via samba-technical 
> > OK, let's chat. In the meantime, parsing Metze's cryptic words
> > of wisdom... :-)
> > 
> > Isn't this:
> > 
> > https://git.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=3759eb23b38c
> > 
> > *exactly* what we're both talking about ?
> Indeed it was...
> So as Metze already essentially *did* the libnettle work (just didn't
> mention it :-) here is a version that uses libnettle for the 4 AES
> functions (I added Metze's 'Signed-off-by:' as well as mine as it's
> 99% his work):
> AES_set_encrypt_key()
> AES_set_decrypt_key()
> AES_encrypt()
> AES_decrypt()
> which (if libnettle has been compiled correctly) should use the Intel
> AESNI instructions - giving the same speed benefits as the direct patch.
> I'm getting Justin @ Netgear to test, so I'm not proposing this for
> inclusion until I get the results - just wanted to report back sooner
> rather than later (I got a bit snotty asking for resource and schedules
> 'cos I was pissed over people looking a gift horse in the mouth - sorry
> about that). Seems I was looking Metze's gift horse in the mouth myself
> (although in my defense I didn't know about it :-) :-).

The nettle implementation *could be* a slower than the one from the Kernel. 
Niels wrote on the nettle mailinglist:

~~~~ quote ~~~~
* Nettle's AESNI assembly routines were written for simplicity and small
  code size, without putting a lot of effort into it. They could
  probably be sped up by some unrolling or more careful instruction
  scheduling. Patches welcome (but we shouldn't use excessive unrolling
  unless there's a significant speedup).
~~~~ quote ~~~~


Looks like GnuTLS uses the OpenSSL assembler files (because they are BSD 


Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org

More information about the samba-technical mailing list