AES improvements on Intel CPUs

Stephan Mueller smueller at
Fri Feb 18 07:20:37 CET 2011

Am Donnerstag, 17. Februar 2011, um 18:24:27 schrieb Werner Koch:

Hi Werner,

> There is even a way to disable the use of AES-NI:
>   @item GCRYCTL_DISABLE_HWF; Arguments: const char *name

Thank you very much for pointing that out.
> > I guess you know where I am coming from: it would be great when it is
> > possible for the caller/administrator (at least in FIPS mode) to allow
> > or disallow that AES-NI cipher use.
> If you run in FIPS mode, no hardware features will be detected.  Of
> course that can easily be changed.  Details need to be discussed;
> e.g. whether it is allowed to run the detection code in fips mode or
> whether it is sufficient to mask out the features which are not to be
> validated.

That sounds great.

As we all do not know what the next FIPS validation will cover, all that would 
be interesting is an easy way (even with a small code change) to define with 
cipher implementations will be available in FIPS mode and which not. And that 
seems the case for AES-NI. I would guess that is also the case for padlock.

For example, is it possible to easily flip the FIPS switch for either padlock 
or AES-NI in cipher.c:cipher_table?


| Cui bono? |

More information about the Gcrypt-devel mailing list