Discussion:
Query reg AES_NI usage with OpenSSL-1.0.1h
Mukesh Yadav
2014-09-18 08:40:01 UTC
Hi,

I have written application code for encryption and decryption using the OpenSSL library.
I am testing on a machine where AES-NI support is present. I am not sure how I can confirm whether execution is using the AES-NI instruction set.

When I run the command line openssl speed -evp aes128, I was seeing aesni_cbc_cipher() getting hit.
But with my sample code, I am not seeing aesni_cbc_cipher() getting executed.

Openssl ver: OpenSSL-1.0.1h

Sample high level code is like
    /* One-time library setup */
    OpenSSL_add_all_algorithms();
    ERR_load_crypto_strings();
    OPENSSL_config(NULL);

    /* AES-128-CBC decryption through the EVP interface, padding disabled */
    EVP_CIPHER_CTX_init(&ctx);
    if (1 != EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key, iv))
        handleErrors();
    EVP_CIPHER_CTX_set_padding(&ctx, 0);

    if (1 != EVP_DecryptUpdate(&ctx, plaintext, &len, ciphertext, ciphertext_len))
        handleErrors();
    plaintext_len = len;

    if (1 != EVP_DecryptFinal_ex(&ctx, plaintext + len, &len))
        handleErrors();
    plaintext_len += len;
    EVP_CIPHER_CTX_cleanup(&ctx);

Any pointers will be appreciated..


Thanks
Mukesh
Jeffrey Walton
2014-09-18 13:46:02 UTC
Post by Mukesh Yadav
I have written application code for encryption and decryption using OpenSSL
library.
I am testing on machine where AES-NI support is present. I am not sure how
can I confirm
whether execution is using AES-NI instruction set.
...
Any pointers will be appreciated..
OpenSSL has a test for AES-NI, but it only works from the static lib.
It only works for static libs because OPENSSL_ia32cap_P[] is *not*
exported/available from the shared object. Here's the test from
crypto/evp/e_aes.c:

#define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32)))

If you want a test that works from both the static lib and shared
object, then you have to provide it yourself. The stuff I use is
available at http://stackoverflow.com/questions/25284119/how-can-i-check-if-openssl-is-suport-use-the-intel-aes-ni.

Even if AES-NI is available, it does not mean you will use it. If you
use low level AES_* functions, then you will not use it because it's a
software implementation. To [potentially] use AES-NI, you have to use
the EVP_* functions. There's no guarantee EVP_* functions will use
hardware features like AES-NI, but EVP_* functions will usually use
features like AES-NI, if available.

I believe the OpenSSL docs state the same at
https://www.openssl.org/docs/crypto/EVP_EncryptInit.html:

Where possible the EVP interface to symmetric ciphers
should be used in preference to the low level interfaces.
This is because the code then becomes transparent to
the cipher used and much more flexible. Additionally,
the EVP interface will ensure the use of platform specific
cryptographic acceleration such as AES-NI (the low level
interfaces do not provide the guarantee).

AES_* vs EVP_* is also why you see the difference in 'openssl speed
...' test when using (or not using) the '-evp' option.

There was also a discussion about it about a year ago at "Verify
AES-NI use at runtime?",
https://groups.google.com/d/msg/mailing.openssl.users/URRJ7Wx1fvw/ONdhjFxfrb0J.

Jeff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
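
A capability test that does not depend on OPENSSL_ia32cap_P being exported, as an added example (not code from this thread or from the linked Stack Overflow answer). It reads CPUID leaf 1 directly with the GCC/Clang <cpuid.h> helper; index 57 in the macro above is word 1, bit 25, the same position as the AES-NI flag in ECX. The function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>              /* GCC/Clang wrapper around the CPUID instruction */
#endif

/* Feature bit positions in CPUID leaf 1, register ECX */
#define ECX_AESNI  25u
#define ECX_RDRAND 30u

/* Decode one feature bit from a raw ECX value (pure function, testable) */
static int ecx_has(uint32_t ecx, unsigned bit) { return (int)((ecx >> bit) & 1u); }

/* Same arithmetic as AESNI_CAPABLE: bit n of a vector of 32-bit words,
 * so n = 57 selects word 1, bit 25 */
static int capvec_has(const uint32_t *cap, unsigned n)
{
    return (int)((cap[n / 32] >> (n % 32)) & 1u);
}

/* Read CPUID leaf 1 ECX; returns 0 on non-x86 builds or if the leaf is absent */
static int read_leaf1_ecx(uint32_t *ecx)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int a, b, c, d;
    if (!__get_cpuid(1, &a, &b, &c, &d))
        return 0;
    *ecx = c;
    return 1;
#else
    (void)ecx;
    return 0;
#endif
}

/* Hypothetical helpers: 1 if the CPU advertises the feature, else 0 */
int cpu_has_aesni(void)  { uint32_t e; return read_leaf1_ecx(&e) && ecx_has(e, ECX_AESNI); }
int cpu_has_rdrand(void) { uint32_t e; return read_leaf1_ecx(&e) && ecx_has(e, ECX_RDRAND); }

int main(void)
{
    printf("AES-NI: %d  RDRAND: %d\n", cpu_has_aesni(), cpu_has_rdrand());
    return 0;
}
```

OpenSSL can mask capability bits through the OPENSSL_ia32cap environment variable, so raw CPUID reports what the CPU offers, not necessarily what the library selected.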
Mukesh Yadav
2014-09-18 20:10:35 UTC
Thanks Jeff for the really good amount of info.
I have integrated the code for HasAESNI() and HasRDRAND() from the link below in my
application code. AESNI is enabled but RDRAND is not.
http://stackoverflow.com/questions/25284119/how-can-i-check-if-openssl-is-suport-use-the-intel-aes-ni

I am using the EVP interface and the static library already. So in that case I
suppose that AES-NI is supported.

Besides this, how can it be confirmed that at run-time, for operations like
enc/dec, AES-NI is getting used instead of normal?
I was assuming that if encryption is being done and it's using the NI
routines, aesni_cbc_cipher() will for sure get executed.
In my case, this func is not getting hit. Is there any other way to
confirm the same objective?

Thanks
Mukesh
Jeffrey Walton
2014-09-19 03:45:46 UTC
Post by Mukesh Yadav
I have integrated code from below link of HasAESNI() and HasRDRAND() in my
application code. AESNI is enabled but RDRAND is not.
RDRAND is a different CPU capability. I've got a Mac Book Pro that has
AES-NI, but does not have RDRAND.

cat /proc/cpuinfo and see if it's available. See
http://unix.stackexchange.com/questions/43539/what-do-the-flags-in-proc-cpuinfo-mean.