summaryrefslogtreecommitdiff
path: root/changes/aes_hackery
blob: b22cefe9016d43e9849c113a98f8642f2b67b59c (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

  o Code simplification and refactoring:
    - Unconditionally use OpenSSL's AES implementation instead of our
      old built-in one. OpenSSL's AES has been better for a while, and
      relatively few servers should still be on any version of OpenSSL
      that doesn't have good optimized assembly AES.

  o Major features (AES performance):
    - Use OpenSSL's EVP interface for AES encryption, so that all
      AES operations can use hardware acceleration (if present).
      Resolves issue #4442.
    - But only use the EVP interface when AES acceleration is enabled,
      to avoid a performance regression.  Resolves issue #4525.
    - When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode
      implementation; it makes AES_CTR about 7% faster than our old one
      (which was about 10% faster than the one OpenSSL used to provide).
      Resolves issue #4526.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion