Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#4442 closed enhancement (implemented)

The crypto in aes.c should use openssl's EVP_ functions.

Reported by: nickm Owned by:
Priority: High Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-relay
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

It looks like we're not getting the full benefits of OpenSSL's hardware acceleration support, since the AES_encrypt function does the crypto directly in C or asm (typically asm), rather than redirecting to an engine if one is present.

Whoops!

So, let's fix that.

I believe that it's sufficient to just define USE_OPENSSL_EVP in aes.c. Also, we should really rip out the bits of that file which we don't use -- we're no longer in a position where our fallback implementation is ever a better idea to openssl's.

We should benchmark this change to make sure that it's not a step backwards -- I doubt it is.

Also, we should consider using EVP_ functions for SHA1 and SHA256 when present. For RSA and DH, however, the OpenSSL RSA_ and DH_ functions already know about engines.

Child Tickets

Change History (8)

comment:1 Changed 8 years ago by nickm

Status: newneeds_review

See branch bug4442 in my public repository. I think it's mergeable.

comment:2 Changed 8 years ago by Sebastian

Looks neat! I have a branch bug4442 in my repository with some documentation cleanups, and a few other things I noticed while poking around.

comment:3 Changed 8 years ago by Sebastian

(feel free to merge/squash/cherry-pick what makes sense, of course)

comment:4 Changed 8 years ago by nickm

Looks good; I've merged your changes on. I will probably want to squash the docfix one before merging.

BTW, did you try running the benchmarks? Any interesting results when you did?

comment:5 Changed 8 years ago by Sebastian

yeah, I ran the benchmarks before and after this branch (except that I added the patch to make it work, of course). I don't have aes-ni, and the results were exactly the same:

bench_aes: 1 bytes: 15 nsec per byte
2 bytes: 11 nsec per byte
4 bytes: 8 nsec per byte
8 bytes: 7 nsec per byte
16 bytes: 7 nsec per byte
32 bytes: 6 nsec per byte
64 bytes: 6 nsec per byte
128 bytes: 6 nsec per byte
256 bytes: 6 nsec per byte
512 bytes: 6 nsec per byte
1024 bytes: 6 nsec per byte
2048 bytes: 6 nsec per byte
4096 bytes: 6 nsec per byte
8192 bytes: 6 nsec per byte

So I guess it doesn't matter whether we use openssl's AES_ or EVP_ functions for the non-engine case.

comment:6 Changed 8 years ago by nickm

Resolution: implemented
Status: needs_reviewclosed

ok, squashed and merged

comment:7 Changed 7 years ago by nickm

Keywords: tor-relay added

comment:8 Changed 7 years ago by nickm

Component: Tor RelayTor
Note: See TracTickets for help on using tickets.