Summary

Improve the out-of-box AES Crypto performance by using x86 AESinstructions when available, and by avoiding unnecessary re-expansion ofthe AES key.

Motivation

AES encryption is common in applications and such applications expectgood performance. We should make it easy to get that good performanceout of the box for processors that support AES instructions in hardware.

Description

The intent of this change is to improve the out-of-the-box performance ofapplications that use AES cryptography. The hotspot compiler change(7184394) and the security library change (7185471) are actuallycompletely independent except for the fact that they are both related toAES performance.

The hotspot compiler AES instruction generation happens automatically ifthe x86 processor supports such instructions (there is a flag to turnthis off if desired). These instructions can be generated on either64-bit or 32-bit x86 systems. Other CPU types are not affected.

The library change helps applications which use the same key butre-initialize the Cipher object, switching between encrypting anddecrypting. Avoiding re-expansion of the key (7185471) changes onlyprivate variables within thecom.sun.crypto.provider.AESCrypt class.No other classes are affected.

Testing

This change can be tested by standard benchmarks and application servertest suites, either on systems that support x86 AES instructions or onsystems that do not support x86 AES instructions to ensure there are nounintended side effects.

Impact

• Security: No impact, the changes are only improving performance
• Performance/scalability: Need to verify performance of new implementation