Hi >From the OpenSSL documentation: (http://www.openssl.org/docs/crypto/evp.html# http://www.openssl.org/docs/crypto/engine.html# )
"The fact that ENGINEs are made visible to OpenSSL (and thus are linked into the program and loaded into memory at run-time) does not mean they are ``registered'' or called into use by OpenSSL automatically - that behavior is something for the application to control. Some applications will want to allow the user to specify exactly which ENGINE they want used if any is to be used at all. Others may prefer to load all support and have OpenSSL automatically use at run-time any ENGINE that is able to successfully initialize - i.e. to assume that this corresponds to acceleration hardware attached to the machine or some such thing." "If ENGINE implementations of ciphers or digests are registered as defaults, then the various EVP functions will automatically use those implementations automatically in preference to built in software implementations." Specific for the rsync: The rsync uses the OpenVPN, which uses the OpenSSL engine by registering all available engines. For other application, each application implementation should be checked to support engine use. Regards Ronen Shitrit Marvell Semiconductor Israel Ltd -----Original Message----- From: David McCullough [mailto:[EMAIL PROTECTED] Sent: Friday, November 18, 2005 12:30 AM To: Ronen Shitrit Cc: linux-crypto@vger.kernel.org Subject: Re: Applications using OCF with OpenSSL Jivin Ronen Shitrit lays it down ... > > Hi > > I'm using the OCF package, > I compiled the OpenSSL package with the OCF patch. > I also compiled the OCF as kernel module with SW crypto. > I ran the speed test from the OpenSSL and everything seems to work nice. > > When I looked into the speed test, I figured that if an application want > to use the OpenSSL with the OCF crypto dev engine, then it must specify > it, and the APIs are different then when using the integrated SW crypto > inside the Open SLL. > > I want to use the Rsync application which uses the OpenSSL lib, in a way > that it will use the OCF interface by default. > Should I change the Rsync Application?? > Is there any patch which cause the OpenSSL to use the OCF crypto dev > engine by default (if possible) and if not then Go to the other engines > or the OpenSSL integrated SW crypto?? > Any other suggestions?? It's something I have wondered about myself. Have a look at the ssh.patch with OCF, it may give you some hints as to what is needed in rsync. Basically you need to call: ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); near the start of the program. What I don't know for sure is how to ensure the HW engines take precedence over the software ones :-( With scp I could do it by choosing appropriate alg's IIRC, it's been a while, Cheers, Davidm -- David McCullough, [EMAIL PROTECTED], Custom Embedded Solutions + Security Ph:+61 734352815 Fx:+61 738913630 http://www.uCdot.org http://www.cyberguard.com - To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
