[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Less OT: Here's a Solaris crypto acceleration branch to try.



Since people are interested in Solaris crypto acceleration, I should
point out that there's an unfinished solaris-aes branch in my public
git repository[1].  (It's off an older version of 2.0.x, so you would
want to merge it into the latest master to try it out.[2])

The original code here was by Wyllys Ingersoll; I cleaned it up a bit
to be a bit closer to our house style.  It is supposed to take
advantage of the AES_CTR mode from Solaris's PKCS11 support.  Wyllys
said that his original patch gave him a 25x improvement for relay
payload encryption on a Sun Niagara 2 with AES_CTR from the n2cp
accelerator.

The branch needs more work if anybody wants to take a shot at it.
Specifically:

  1) It needs to detect at build time whether we actually have PKCS11
     support, and define the USE_PKCS11_FRAMEWORK macro if so.

  2) It needs to support using the aes_set_iv function to adjust the
     AES counter, or else hidden services will break.

  3) We actually need to try building it on a version of solaris with
     the right PKCS11 support, to make sure it still works after my
     cleanups.

  4) We need to actually try building it on a version of solaris
     *without* PKCS11 support, to make sure we didn't break those.

I haven't got a Solaris installation, so I'm not in a good position to
do any of these, but if somebody who knows Solaris wants to give it a
shot, that would be grand.


[1] git://git.torproject.org/~nickm/git/tor

[2] Here's some Git help.  To get a copy of the master branch with the
    solaris-aes branch merged in, you would do something like this,
    assuming you already have a checked-out version of the main Tor
    repository:

       git remote add nickm git://git.torproject.org/~nickm/git/tor
       git fetch nickm
       git branch solaris-aes-merged master
       git checkout solaris-aes-merged
       git merge nickm/solaris-aes

    This is no substitute for reading the Git tutorial, though.

peace,
-- 
Nick
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/