On Tue, Apr 21, 2015, Barbe, Charles wrote: > I've spent the last few days configuring the cryptodev engine on my platform and I am also seeing the same behavior with that engine as I did with af_alg. It seems like OpenSSL does not even attempt to use the engine for ciphers. My next step is to start plowing through the openssl code to figure out how control is supposed to get passed to an engine - I believe this happens in evp_enc.c. > > Something tells me I'm just missing something fundamental here... like a configuration option on build or maybe something I missed in openssl.conf. > [snip] > However, if I try to do a cipher instead of a digest, my driver is not used. For example, when I run: > > openssl speed aes-256-cbc -engine af_alg > The speed command uses EVP for all digest operations but uses low level APIs for cipher operations when you don't include the -evp option. ENGINEs only work at the EVP level so your above command will just use the built in ciphers. If instead you do: openssl speed -evp aes-256-cbc It should work if you've set up an ENGINE to provide the default implementation. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org
