Hi, I'm trying to use EVP_EncryptUpdate() with EVP_aes_256_cbc_hmac_sha256() to speed up encryption. This "stiched" version should be faster than first hashing and then encrypt the data. See also https://software.intel.com/sites/default/files/open-ssl-performance-paper.pdf for some background. However I don't see a way to configure the offset between the data to be signed and the data to be encrypted. In my protocol (not TLS) we have a header of 16 byte that gets signed, but not encrypted. Some ASCII art to explain this (use fix size font to view this): /----signed-------------------\ |header|seqheader|body|padding|signature| \--------encrypted---------------/ I debugged already "openssl speed -evp aes-256-cbc-hmac-sha256" but this looks for me like the same data is signed and encrypted, and no offset is used. Is it possible somehow to define such a offset? I was expecting that the same is necessary for TLS, but I'm not a TLS expert :-) regards, Gerhard. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
