From owner-freebsd-hackers@FreeBSD.ORG Thu Sep 11 07:23:32 2014 Return-Path: Delivered-To: hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7F775C68 for ; Thu, 11 Sep 2014 07:23:32 +0000 (UTC) Received: from puchar.net (puchar.net [188.252.31.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F2E74AAF for ; Thu, 11 Sep 2014 07:23:31 +0000 (UTC) Received: Received: from 127.0.0.1 (localhost [127.0.0.1]) by puchar.net (8.14.9/8.14.9) with ESMTP id s8B7I5lj007629 for ; Thu, 11 Sep 2014 09:18:05 +0200 (CEST) (envelope-from wojtek@puchar.net) X-Authentication-Warning: puchar.net: Host puchar-wojtek.intra [10.0.224.6] claimed to be wojtek.dom Received: from wojtek.dom (localhost [127.0.0.1]) by wojtek.dom (8.14.9/8.14.9) with ESMTP id s8B7I5pX061082 for ; Thu, 11 Sep 2014 09:18:05 +0200 (CEST) (envelope-from wojtek@puchar.net) Received: from localhost (wojtek@localhost) by wojtek.dom (8.14.9/8.14.9/Submit) with ESMTP id s8B7I5nf061079 for ; Thu, 11 Sep 2014 09:18:05 +0200 (CEST) (envelope-from wojtek@puchar.net) X-Authentication-Warning: wojtek.dom: wojtek owned process doing -bs Date: Thu, 11 Sep 2014 09:18:05 +0200 (CEST) From: Wojciech Puchar X-X-Sender: wojtek@wojtek.dom To: hackers@freebsd.org Subject: openssl with aes-in or padlock Message-ID: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (puchar.net [10.0.1.1]); Thu, 11 Sep 2014 09:18:05 +0200 (CEST) X-Mailman-Approved-At: Thu, 11 Sep 2014 15:02:16 +0000 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2014 07:23:32 -0000 how to check if openssl is actually using these instructions? on machine with padlock: #openssl speed -evp aes-256-cbc Doing aes-256-cbc for 3s on 16 size blocks: 732600 aes-256-cbc's in 2.91s Doing aes-256-cbc for 3s on 64 size blocks: 199833 aes-256-cbc's in 2.92s Doing aes-256-cbc for 3s on 256 size blocks: 50469 aes-256-cbc's in 2.91s Doing aes-256-cbc for 3s on 1024 size blocks: 25060 aes-256-cbc's in 2.92s Doing aes-256-cbc for 3s on 8192 size blocks: 3145 aes-256-cbc's in 2.93s OpenSSL 1.0.1e-freebsd 11 Feb 2013 built on: date not available options:bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) aes(partial) idea(int) blowfish(idx) compiler: cc The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-256-cbc 4033.24k 4377.09k 4445.61k 8782.52k 8794.06k #openssl engine (dynamic) Dynamic engine loading support in the same time dd from geli encrypted ramdisk to /dev/null is 66MB/s how to enable padlock or aes-in in openssl?