I am using this crypto accelerator: https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators
There is a section that need should be modified:
It should use like this:
[default] openssl_conf=openssl_def [openssl_def] # this is the main library configuration section engines=engine_section [engine_section] # this is the engine configuration section, where the engines are listed devcrypto=devcrypto_section [devcrypto_section] # this is the section where the devcrypto engine commands are used CIPHERS=ALL DIGESTS=NONE
Now, in the
devcrypto_section it says
I tried it, to set
ALL and it works.
So, if I add to digests, it looks like this:
root@hawk:~# openssl engine -t -c (dynamic) Dynamic engine loading support [ unavailable ] (devcrypto) /dev/crypto engine [DES-CBC, DES-EDE3-CBC, AES-128-CBC, AES-192-CBC, AES-256-CBC, AES-128-ECB, AES-192-ECB, AES-256-ECB, MD5, SHA1, SHA256] [ available ]
You can see in the end, shows
It I set in openssl.cnf digest to none, it will not use the digests.
So, why is this link (https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators) not enabled for digests?
Should I enable it or not?