hi again, as i said yesterday i'm doing some tests with cryptographic hardware (in my case nCipher's).
now that i have loaded the engine, i'm getting real strange results. the same test with hardware enabled is much slower than the software version. it is really weird, because the "openssl speed -engine chil" command seems to be as fast as desired. do i have to set something else? is there any documentation on the net? am i getting more dummy everyday? thanks in adavace. regards, aleix here is the code (enable hardware passing 'enable' as first parameter: #include <stdio.h> #include <stdlib.h> #include <string.h> #include <time.h> #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/engine.h> ENGINE* setup(char const* engine) { ENGINE* e = NULL; if ((e = ENGINE_by_id(engine)) == NULL) { return NULL; } // if engine was not found try to load the shared library if (e == NULL) { e = ENGINE_by_id("dynamic"); if ((e == NULL) || !ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0) || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) { ENGINE_free(e); e = NULL; } } return e; } ENGINE* load(char const* engine) { ENGINE* e = setup(engine); if(!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { ENGINE_free(e); return NULL; } ENGINE_free(e); return e; } int main(int argc, char** argv) { time_t t_start; time_t t_end; RSA* k; ENGINE* e = NULL; unsigned int i; unsigned char* buf; unsigned char* buf2; unsigned int rsa_num; CRYPTO_malloc_init(); ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); if ((argc > 1) && strcmp(argv[1], "enable") == 0) { ENGINE_load_builtin_engines(); e = load("chil"); } if (e == NULL) { printf("Hardware disabled.\n"); } else { printf("Hardware enabled.\n"); } k = RSA_generate_key(1024, 65537, NULL, NULL); buf = (unsigned char*) malloc(5000); buf2 = (unsigned char*) malloc(5000); t_start = time(NULL); for (i = 0; i < 1500; i++) { RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, k); } t_end = time(NULL); printf("Total time: %d sec.\n", t_end - t_start); EVP_cleanup(); ENGINE_cleanup(); CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); ERR_free_strings(); } ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]