On Wed, Aug 09, 2017 at 01:08:47PM +0000, - JinsongJi wrote: > For one simple operation: openssl enc -aes-256-cbc -salt -in foo.txt -out foo.enc > Does openssl pick classic implementation or AES-NI implementation to do this encrypt? The enc(1) command uses the EVP API to access the requested symmetric cipher. As a result, AES-NI and the like will be used when supported by the hardware and enabled in your OpenSSL library. > Does any user/application always pick classic implementation for > AES operation regardless of AES-NI improves speed much? If the application uses EVP_get_cipherbyname() and the like, it gets the best available implementation of the cipher. If it bypasses EVP it may get a slower implementation and/or one that has less side-channel resistance. Bottom-line, use EVP. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
