The size increase from adding the EVP interface to a module that does not already include it (through the HMAC functions) is ~192KB.
toggle quoted messageShow quoted text
Intel documentation on the IA version of the feature lists speed improvement of ~32% to ~47% depending on the operation and key size. Other architectures may see different speed improvements. I have only tested this file with OvmfPkg through QEMU.
I did not add this .c file to any INF file because it will add ~192KB to any module that includes AES functionality and it should be up to the end user if they want to include this file for the size tradeoff vs. the speed gain for their particular architecture. Additionally as the only native OpensslLib implementation available currently is for X64 architecture, any other architecture would have a size increase with no speed improvement.
From: Yao, Jiewen <email@example.com>
Sent: Friday, October 30, 2020 18:10
To: Zurcher, Christopher J <firstname.lastname@example.org>;
Cc: Wang, Jian J <email@example.com>; Lu, XiaoyuX <firstname.lastname@example.org>;
Jiang, Guomin <email@example.com>; Sung-Uk Bin <firstname.lastname@example.org>; Ard
Subject: RE: [PATCH 0/1] CryptoPkg/BaseCryptLib: Add EVP implementation for
I am not sure why you only add a .c file, but do not add this c to any INF
file. This seems a dummy C file.
I recommend you drop this and create a full patch to add C and update INF
Since you are talking performance and size, do you have any data?
For example, how fast you have got? What is the size difference before and
This can help other people make decision to choose which version.
From: Christopher J Zurcher <email@example.com>
Sent: Thursday, October 29, 2020 2:43 AM
Cc: Yao, Jiewen <firstname.lastname@example.org>; Wang, Jian J
<email@example.com>; Lu, XiaoyuX <firstname.lastname@example.org>; Jiang, Guomin
<email@example.com>; Sung-Uk Bin <firstname.lastname@example.org>; Ard
Subject: [PATCH 0/1] CryptoPkg/BaseCryptLib: Add EVP implementation for
This patch provides a drop-in replacement for CryptAes.c which utilizes
the EVP interface to OpenSSL. This enables access to the assembly-optimized
This patch has been unit-tested in both VS and CLANG build environments
using both an X64 assembly-optimized implementation of OpensslLib and
Usage of this file does not require an assembly-optimized implementation of
OpensslLib to function; it does however require one to provide a speed
The C-only AES implementation included by CryptAes.c is extremely small,
and since this file includes the EVP interface, it will significantly
increase the size of any module that includes it. As a result, I have not
replaced the original CryptAes.c as a default in any of the CryptLib
Cc: Jiewen Yao <email@example.com>
Cc: Jian J Wang <firstname.lastname@example.org>
Cc: Xiaoyu Lu <email@example.com>
Cc: Guomin Jiang <firstname.lastname@example.org>
Cc: Sung-Uk Bin <email@example.com>
Cc: Ard Biesheuvel <firstname.lastname@example.org>
Christopher J Zurcher (1):
CryptoPkg/BaseCryptLib: Add EVP implementation for CryptAes.c
CryptoPkg/Library/BaseCryptLib/Cipher/CryptAesEvp.c | 262
1 file changed, 262 insertions(+)
create mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptAesEvp.c