-
Notifications
You must be signed in to change notification settings - Fork 131
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
libressl
sha1 performance regression vs openssl
.
#3555
Comments
libressl
ssl performance regression vs openssl.libressl
ssl performance regression vs openssl
.
libressl
ssl performance regression vs openssl
.libressl
sha1 performance regression vs openssl
.
Thank you! That went unnoticed. The micro benchmarks (on my machine) confirm a factor 2 slowdown of libressl vs. openssl. This is true also for the latest version of libressl. Unfortunately, the OpenSSL 3 interface changes make it unusable for cvmfs. Not sure what a good option is. Possibilities are
Let's see with the libressl project first. I'll open an issue. This seems to be the relevant commit. Merged for OpenSSL 1.0.2, unfortunately briefly after LibreSSL was forked. |
We should also not exclude moving back to OpenSSL. At least we should note down exactly where API functionality was really removed as compared to where we only need to use it differently. |
Both GnuTLS and Botan make it difficult to control memory allocation/deallocation of the hash context. But nettle looks interesting. It has the same SHA-1 performance than OpenSSL. Nettle is a crypto backend of GnuTLS. |
Looks like the sha1 code in
libressl
uses SSSE3 instructions, but not the newer SHA1 instruction extensions, which are used byopenssl
. This is showing up as a performance regression with 2.11 vs 2.8.The text was updated successfully, but these errors were encountered: