>> As for SHA. It was shown that there is a way to use SHA even on >> pre-Nano, see >> http://www.mail-archive.com/openssl-dev@openssl.org/msg21787.html. >> Challenge is to make it multi-thread safe. It would take allocation of >> dynamic lock and serializing access to "crash page" allocated at engine >> load. > > No, there's more problem on using the "crash page" than benefit. > I've had the "crash page" patch on production system, and couple > of situation it broke things.
If not much trouble could you elaborate? About the way it broke things and under which circumstances? Even if we choose to discard the approach it's valuable knowledge... A lot of thanks in advance. > There's also additional overhead in > copying the data to the specifically crafted memory area, and it > causes this kludge to be not as beneficial. But it's still several times faster than software and that's what counts. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
