How to detect AES-NI compatible CPU

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

How to detect AES-NI compatible CPU

Chris Clark
My application links to OpenSSL 1.1.0 dynamically, and I would like to
be able to determine if the CPU supports the AES-NI instruction set.
Is there an OpenSSL API that can do this?

-Chris
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How to detect AES-NI compatible CPU

OpenSSL - User mailing list
> My application links to OpenSSL 1.1.0 dynamically, and I would like to be able
> to determine if the CPU supports the AES-NI instruction set.
> Is there an OpenSSL API that can do this?

Look at man3/OPENSSL_ia32cap.pod ?
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How to detect AES-NI compatible CPU

Viktor Dukhovni

> On Feb 3, 2017, at 2:01 PM, Salz, Rich via openssl-users <[hidden email]> wrote:
>
> Look at man3/OPENSSL_ia32cap.pod ?

Perhaps more convenient:

        https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_ia32cap.html

Note, there is no public C-API to access the underlying vector.

--
        Viktor.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: How to detect AES-NI compatible CPU

Jeffrey Walton-3
In reply to this post by Chris Clark
On Fri, Feb 3, 2017 at 1:55 PM, Chris Clark <[hidden email]> wrote:
> My application links to OpenSSL 1.1.0 dynamically, and I would like to
> be able to determine if the CPU supports the AES-NI instruction set.
> Is there an OpenSSL API that can do this?

Also note that even though the machine is capable of AES-NI, it does
not mean OpenSSL will use the hardware acceleration. If you call
AES_encrypt (and friends), then you get the "software-only"
implementation. If you disable the feature in the environment with
OPENSSL_ia32cap="~0x200000200000000", then you get the "software-only"
implementation

To use AES-NI, and other hardware accelerators like ARMv8's
instructions, you have to use the EVP interface.

Jeff
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Loading...