[PATCH] Use Intel AES instruction set if it exists - v3
abartlet at samba.org
Wed Sep 6 09:46:37 UTC 2017
On Tue, 2017-09-05 at 14:08 -0700, Jeremy Allison via samba-technical
> Native Samba AES code: 1.000
> Intel AES code: 2.386
> libnettle --enable-fat (Fedora|SuSE): 1.704
> libnettle (Debian|Ubuntu): 0.818
> As you can see, Intel AES code gives a significant
> Given that, after discussions offline with Andreas
> (who has to support FIPS certification for Fedora)
> and Metze, here is a patchset that allows configure
> time selection of AES crypto.
I'm satisfied that this addresses my objections, I'll leave the rest
between you and Andreas.
The next step would be to get more of our code using GnuTLS or
libnettle, just to get out of maintaining crypto.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical