On Mon, Apr 16, 2012, MauMau wrote: > Hello > > Q1: Is AES-NI automatically utilized on the processors that have the > capability? Do I have to do anything (e.g. specify some engine in > openssl.conf)? >
In OpenSSL 1.0.1 it is automatically supported provided you use the EVP interface, you don't need to do anything else. > Q2: I'm going to call EVP_CIPHER_CTX_set_padding(&ctx, 0) for file > type 1. Can I omit the calls to > EVP_EncryptFinal_ex/EVP_DecryptFinal_ex between > EVP_EncryptUpdate/EVP_DecryptUpdate calls? I want to avoid function > calls as much as possible. > You can yes, those calls just check for a multiple of the block length. > Q3: Is it allowed to specify the same buffer (address) for in and > out arguments in calls to EVP_EncryptUpdate/EVP_DecryptUpdate? Some > places in OpenSSL does that like "EVP_EncryptUpdate(&ctx, data, > &outlen, data, inlen)", but that usage is not specified in the evp > manual page. > That is specifically allowed for ciphers yes. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
