How does one verify use of AES-NI at runtime? I know I can get 'capability' with:
crypto/evp/e_aes.c:#define AESNI_CAPABLE \ (OPENSSL_ia32cap_P[1]&(1<<(57-32))) But grepping the sources for a runtime test does not produce anything that looks useful: $ grep -R -i AESNI * and $ grep -R ENGINE_* * | grep -i aes The reason I ask is it looks like OpenSSL is not recognizing AES-NI even though this i5 processor has both aesni and rdrand (according to /proc/cpuinfo): $ openssl engine -c -tt (rdrand) Intel RDRAND engine [RAND] [ available ] (dynamic) Dynamic engine loading support [ unavailable ] And the speed test shows no speedup with and without OPENSSL_ia32cap=~0x200000200000000. $ /usr/local/ssl/bin/openssl speed aes If it matters, this is Fedora 20, and I had to jump through some hoops to get the shared objects built correctly (namely, exporting CFLAGS="-fPIC" and config'ing with 'shared'). Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org