Hi,
I'm trying to use EVP_EncryptUpdate() with EVP_aes_256_cbc_hmac_sha256()
to speed up encryption.
This "stiched" version should be faster than first hashing and then
encrypt the data.
See also
https://software.intel.com/sites/default/files/open-ssl-performance-paper.pdf
for some background.
However I don't see a way to configure the offset between the data to be
signed and the data to be encrypted.
In my protocol (not TLS) we have a header of 16 byte that gets signed,
but not encrypted.
Some ASCII art to explain this (use fix size font to view this):
/----signed-------------------\
|header|seqheader|body|padding|signature|
\--------encrypted---------------/
I debugged already "openssl speed -evp aes-256-cbc-hmac-sha256" but this
looks for me like the same data is signed and encrypted,
and no offset is used.
Is it possible somehow to define such a offset? I was expecting that the
same is necessary for TLS, but I'm not a TLS expert :-)
regards,
Gerhard.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
