問(wèn)題描述
Oracle 在 AES-NI 方面對(duì) Java 8 有這樣的看法:
Oracle has this to say about Java 8 with regards to AES-NI:
添加了硬件內(nèi)部函數(shù)以使用高級(jí)加密標(biāo)準(zhǔn)(AES).UseAES 和 UseAESIntrinsics 標(biāo)志可用于啟用英特爾硬件的基于硬件的 AES 內(nèi)在函數(shù).硬件必須是 2010 年或更新的 Westmere 硬件.例如,要啟用硬件 AES,使用以下標(biāo)志:
Hardware intrinsics were added to use Advanced Encryption Standard (AES). The UseAES and UseAESIntrinsics flags are available to enable the hardware-based AES intrinsics for Intel hardware. The hardware must be 2010 or newer Westmere hardware. For example, to enable hardware AES, use the following flags:
-XX:+UseAES -XX:+UseAESIntrinsics
要禁用硬件 AES,請(qǐng)使用以下標(biāo)志:
To disable hardware AES use the following flags:
-XX:-UseAES -XX:-UseAESIntrinsics
但它并不表示默認(rèn)情況下是否啟用 AES 內(nèi)在函數(shù)(對(duì)于支持它的處理器).所以問(wèn)題很簡(jiǎn)單:如果處理器支持 AES-NI,是否使用 AES 內(nèi)部函數(shù)?
But it does not indicate if AES intrinsics are enabled by default (for processors that support it). So the question is simple: if the processor supports AES-NI, are AES intrinsics used?
額外問(wèn)題:有什么方法可以測(cè)試是否使用了 AES-NI?我想您可以根據(jù)性能進(jìn)行猜測(cè),但這不是最佳或肯定的測(cè)試方式.
Bonus question: is there any way to test if AES-NI is being used? I guess you can guess based on performance, but that's not an optimal or sure fire way of testing.
對(duì)于不熟悉 AES-NI 內(nèi)在函數(shù)的讀者:它使用 AES-NI 指令集將字節(jié)碼替換為預(yù)編譯的機(jī)器代碼.這是由 JVM 發(fā)生的,因此它不會(huì)出現(xiàn)在 Java 運(yùn)行時(shí)的 API 或字節(jié)碼中.
For readerS that are not familiar with AES-NI intrinsics: it's replacing byte code with pre-compiled machine code, using the AES-NI instruction set. This happens by the JVM, so it does not show up in the API of the Java runtime or bytecode.
推薦答案
該標(biāo)志默認(rèn)為true,如果檢測(cè)失敗將設(shè)置為false,因此可以簡(jiǎn)單地使用+PrintFlagsFinal來(lái)查看是否使用:
The flag has a default of true and it will be set to false if the detection fails, so you can simply use +PrintFlagsFinal to see if it is used:
我的筆記本電腦沒(méi)有 AES-NI:
My Laptop without AES-NI:
C:>"C:Program FilesJavajdk1.7.0_51injava" -XX:+PrintFlagsFinal -version | find "UseAES"
bool UseAES = false {product}
bool UseAESIntrinsics = false {product}
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)
在桌面上相同使用 AES-NI:
Same on Desktop with AES-NI:
C:>"C:Program FilesJavajdk7injava" -XX:+PrintFlagsFinal -version | find "AES"
bool UseAES = true {product}
bool UseAESIntrinsics = true {product}
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)
C:>"C:Program Files (x86)Javajre7injava" -XX:+PrintFlagsFinal -version | find "AES"
bool UseAES = true {product}
bool UseAESIntrinsics = true {product}
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) Client VM (build 24.51-b03, mixed mode, sharing)
因此,它適用于最新 Java 7 的 x64 和 i686 (WOW64).該功能是通過(guò) https://bugs.openjdk.java.net/browse/JDK-7184394 并向后移植到 7u40 和 7u45.
So, it works for both x64 and i686 (WOW64) with recent Java 7. The feature was introduced with https://bugs.openjdk.java.net/browse/JDK-7184394 and backported to 7u40 and 7u45.
重要提示:AES-NI 可能僅在服務(wù)器虛擬機(jī)上可用.
Important: AES-NI may only be available on the server VM.
在提交錯(cuò)誤報(bào)告后,Oracle 承認(rèn)了這一點(diǎn).當(dāng)他們創(chuàng)建引入它的 Java 8 的功能列表時(shí),這條重要的信息丟失了(后來(lái)它也被向后移植到 7).服務(wù)器 VM 可以通過(guò)在 java 或 javaw 命令行上提供 -server 選項(xiàng)來(lái)顯式選擇.
This was acknowledged by Oracle after a bug report was filed. This vital piece of information was missing when they created the featues list of Java 8 where it was introduced (it later got backported to 7 as well). The server VM can be explicitly choosen by providing the -server option on the java or javaw command line.
這篇關(guān)于默認(rèn)情況下啟用 AES-NI 內(nèi)在函數(shù)?的文章就介紹到這了,希望我們推薦的答案對(duì)大家有所幫助,也希望大家多多支持html5模板網(wǎng)!