Solved (sorta) /dev/crypto No Ciphers or Hashes

I have upgraded openwrt from: Linux SecureOffice 4.4.14 #2 SMP Fri Apr 5 18:22:23 UTC 2019 x86_64 GNU/Linux

and, /dev/crypto worked:
root@SecureOffice:~# openssl engine -t -c
(cryptodev) BSD cryptodev engine
[RSA, DSA, DH, DES-CBC, DES-EDE3-CBC, AES-128-CBC, AES-192-CBC, AES-256-CBC, hmacWithMD5, MD5]
[ available ]
(rdrand) Intel RDRAND engine
[RAND]
[ available ]
(dynamic) Dynamic engine loading support
[ unavailable ]

To: Linux SecureOffice 4.14.111 #0 SMP Thu Apr 18 20:34:19 2019 x86_64 GNU/Linux
with exact same configuration, apart from new kernel config values.

and, /dev/crypto fails (no algs):
root@SecureOffice:/tmp# openssl engine -t -c
(dynamic) Dynamic engine loading support
[ unavailable ]
(devcrypto) /dev/crypto engine
[ available ]
(lack of rdrand this CPU)

I enabled debugging:
sysctl ioctl.cryptodev_verbosity=3

and, see failures:

[ 3316.626744] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20300
[ 3316.626747] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20840
[ 3316.626748] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20900
[ 3316.626750] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20a80
[ 3316.626751] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d209c0
[ 3316.626753] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20b40
[ 3316.626754] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20c00
[ 3316.626755] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20f00
[ 3316.626757] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20180
[ 3316.626758] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d203c0
[ 3316.626760] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20e40
[ 3316.626761] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20d80
[ 3316.626763] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888116d20600
[ 3316.626765] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888118e93e40
[ 3316.626767] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888118e939c0
[ 3316.626769] cryptodev: openssl[5568] (cryptodev_open:515): allocated new item at ffff888118918000
[ 3316.626770] cryptodev: openssl[5568] (cryptodev_open:520): Cryptodev handle initialised, 16 elements in queue
[ 3316.626789] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 3
[ 3316.626791] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.626798] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x428F21B6
[ 3316.626801] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.626806] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 3
[ 3316.626808] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.626812] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x59D04C3B
[ 3316.626814] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.629376] cryptodev: openssl[5568] (cryptodev_cipher_init:154): Failed to load cipher cbc(blowfish)
[ 3316.629379] cryptodev: openssl[5568] (crypto_create_session:254): Failed to load cipher for cbc(blowfish)
[ 3316.629385] cryptodev: openssl[5568] (crypto_create_session:167): bad cipher: 4
[ 3316.629392] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.629393] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.629401] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0xA1BA425D
[ 3316.629403] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.629408] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.629409] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.629413] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x751881A1
[ 3316.629415] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.629419] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.629420] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.629424] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0xDAB9D2CC
[ 3316.629426] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.629428] cryptodev: openssl[5568] (crypto_create_session:167): bad cipher: 12
[ 3316.631202] cryptodev: openssl[5568] (cryptodev_cipher_init:154): Failed to load cipher ctr(aes)
[ 3316.631204] cryptodev: openssl[5568] (crypto_create_session:254): Failed to load cipher for ctr(aes)
[ 3316.632957] cryptodev: openssl[5568] (cryptodev_cipher_init:154): Failed to load cipher ctr(aes)
[ 3316.632959] cryptodev: openssl[5568] (crypto_create_session:254): Failed to load cipher for ctr(aes)
[ 3316.634751] cryptodev: openssl[5568] (cryptodev_cipher_init:154): Failed to load cipher ctr(aes)
[ 3316.634754] cryptodev: openssl[5568] (crypto_create_session:254): Failed to load cipher for ctr(aes)
[ 3316.634766] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.634767] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.634777] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x398B01ED
[ 3316.634779] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.634784] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.634785] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.634789] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x8541CF90
[ 3316.634791] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.634795] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.634797] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.634800] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x9869D3C3
[ 3316.634802] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.634810] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.634812] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.634817] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.634818] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.634823] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x5049FA44
[ 3316.634825] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.634827] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0xC80DEF1C
[ 3316.634829] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.636126] cryptodev: openssl[5568] (cryptodev_hash_init:352): Failed to load transform for sha1
[ 3316.636128] cryptodev: openssl[5568] (crypto_create_session:277): Failed to load hash for sha1
[ 3316.637372] cryptodev: openssl[5568] (cryptodev_hash_init:352): Failed to load transform for rmd160
[ 3316.637374] cryptodev: openssl[5568] (crypto_create_session:277): Failed to load hash for rmd160
[ 3316.637383] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.637384] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.637393] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.637394] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.637400] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0xE9125597
[ 3316.637402] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.637404] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x13C78347
[ 3316.637406] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.637410] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.637411] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.637416] cryptodev: openssl[5568] (crypto_create_session:290): got alignmask 0
[ 3316.637417] cryptodev: openssl[5568] (crypto_create_session:293): preallocating for 32 user pages
[ 3316.637421] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0x7D814EFC
[ 3316.637422] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.637425] cryptodev: openssl[5568] (crypto_destroy_session:348): Removed session 0xE9DEE777
[ 3316.637426] cryptodev: openssl[5568] (crypto_destroy_session:351): freeing space for 32 user pages
[ 3316.638659] cryptodev: openssl[5568] (cryptodev_hash_init:352): Failed to load transform for sha384
[ 3316.638662] cryptodev: openssl[5568] (crypto_create_session:277): Failed to load hash for sha384
[ 3316.639888] cryptodev: openssl[5568] (cryptodev_hash_init:352): Failed to load transform for sha512
[ 3316.639890] cryptodev: openssl[5568] (crypto_create_session:277): Failed to load hash for sha512
[ 3316.640518] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888118918000
[ 3316.640521] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888118e939c0
[ 3316.640522] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888118e93e40
[ 3316.640524] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20600
[ 3316.640526] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20d80
[ 3316.640527] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20e40
[ 3316.640529] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d203c0
[ 3316.640530] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20180
[ 3316.640532] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20f00
[ 3316.640533] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20c00
[ 3316.640534] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20b40
[ 3316.640536] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d209c0
[ 3316.640537] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20a80
[ 3316.640539] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20900
[ 3316.640540] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20840
[ 3316.640542] cryptodev: openssl[5568] (cryptodev_release:554): freeing item at ffff888116d20300
[ 3316.640544] cryptodev: openssl[5568] (cryptodev_release:576): Cryptodev handle deinitialised, 16 elements freed

Any clues how to debug this? Yes, kernel has loadable modules

Thanks;
Bill

That makes me wonder if we are talking about a regular OpenWrt, or something special? Your own compilation with some extras?

Just the hostname; part of www.rossco.org endeavors. Do have custom packages, standard OpenWrt as OS

You forgot to mention any real OpenWrt version that you are talking about. master, 19.07, 18.06 or 17.01?

The kernel versions 4.4.14 and 4.14.111 do not match anything current...

Trunk / master; checked out on Thu Apr 18 2019 (per git and uname -a). Have reviewed all subsequent bug reports and changes to date. Nothing applicable.

This forum is primarily for support of the official builds not third-party alterations.

In the official builds most of the crypto kmods are in packages that must be installed separately.

hmm, a "developer" forum implies "for developers". In this area, I am using standard kernel, openssl package. All my "custom" stuff is completely independent.

Pretty sure I in the right place, asking a legitimate question.

Possibly you were using openssl 1.0.2 in the old build, while the new build likely uses 1.1.1. I further assume that you have adjusted your openssl config accordingly, and also taken notice to the engine related bug fixes for openssl since mid-April.
https://git.openwrt.org/?p=openwrt/openwrt.git;a=history;f=package/libs/openssl;hb=HEAD

THANKS; Missed that, will remedy, currently:
PKG_NAME:=openssl
PKG_BASE:=1.1.1
PKG_BUGFIX:=b
should be:
PKG_BUGFIX:=c plus a patch

Updating now and will get back to you. Doubt it is cause, since I have another (custom) app using /dev/crypto exhibiting exact same behavior, which led me to openssl for a simple testcase.

updated; same behavior:

root@SecureOffice:/tmp# opkg list-installed | grep libopenssl
libopenssl-conf - 1.1.1c-1
libopenssl1.1 - 1.1.1c-1

root@SecureOffice:/tmp# openssl engine -t -c
(dynamic) Dynamic engine loading support
[ unavailable ]
(devcrypto) /dev/crypto engine
[ available ]

please elaborate: "adjusted your openssl config accordingly" No new menuconfig items, openssl.cnf default should be OK for /dev/crypto?

other ideas?

I just thought that as openssl 1.1.1 changed quite a lot of config items for openssl itself and also changed some kmod dependencies, you may need to check that the same relevant kmods are still included in your builds as earlier. E.g. in https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=d971ae51a51cb1b145b6fbbf7d1327a99be257b1

I assume that you have already compared the usual suspects, diffconfig output and manifest.

Similarly, the jump from kernel 4.4 to 4.14 may have caused kmod / dependency / kernel config changes, which are maybe best documented upstream at Linux mailing lists and source repos.

thanks;

great minds think alike; fools seldom differ...
just reviewed kernel config diffs, some (new) selected modules are not created as packages. Theory is that failing due to missing (unpackaged) modules. Changed all kernel modules that are not packaged as openwrt modules to builtin.

Compiling, will advise...

Nope; same failures

root@SecureOffice:~# cat /proc/crypto

name         : ecb(aes)
driver       : ecb(aes-asm)
module       : ecb
priority     : 200
refcnt       : 1
selftest     : passed
internal     : no
type         : blkcipher
blocksize    : 16
min keysize  : 16
max keysize  : 32
ivsize       : 0
geniv        : <default>

name         : ctr(aes)
driver       : ctr(aes-asm)
module       : kernel
priority     : 200
refcnt       : 1
selftest     : passed
internal     : no
type         : blkcipher
blocksize    : 1
min keysize  : 16
max keysize  : 32
ivsize       : 16
geniv        : chainiv

name         : cbc(aes)
driver       : cbc(aes-asm)
module       : kernel
priority     : 200
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : no
blocksize    : 16
min keysize  : 16
max keysize  : 32
ivsize       : 16
chunksize    : 16
walksize     : 16

name         : cbc(des3_ede)
driver       : cbc(des3_ede-generic)
module       : kernel
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : no
blocksize    : 8
min keysize  : 24
max keysize  : 24
ivsize       : 8
chunksize    : 8
walksize     : 8

name         : cbc(des)
driver       : cbc(des-generic)
module       : kernel
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : skcipher
async        : no
blocksize    : 8
min keysize  : 8
max keysize  : 8
ivsize       : 8
chunksize    : 8
walksize     : 8

name         : md5
driver       : md5-generic
module       : md5
priority     : 0
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 64
digestsize   : 16

name         : md4
driver       : md4-generic
module       : md4
priority     : 0
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 64
digestsize   : 16

name         : des3_ede
driver       : des3_ede-generic
module       : des_generic
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : cipher
blocksize    : 8
min keysize  : 24
max keysize  : 24

name         : des
driver       : des-generic
module       : des_generic
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : cipher
blocksize    : 8
min keysize  : 8
max keysize  : 8

name         : jitterentropy_rng
driver       : jitterentropy_rng
module       : kernel
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : stdrng
driver       : drbg_nopr_hmac_sha256
module       : kernel
priority     : 207
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : stdrng
driver       : drbg_nopr_hmac_sha512
module       : kernel
priority     : 206
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : stdrng
driver       : drbg_nopr_hmac_sha384
module       : kernel
priority     : 205
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : stdrng
driver       : drbg_nopr_hmac_sha1
module       : kernel
priority     : 204
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : stdrng
driver       : drbg_pr_hmac_sha256
module       : kernel
priority     : 203
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : stdrng
driver       : drbg_pr_hmac_sha512
module       : kernel
priority     : 202
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : stdrng
driver       : drbg_pr_hmac_sha384
module       : kernel
priority     : 201
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : stdrng
driver       : drbg_pr_hmac_sha1
module       : kernel
priority     : 200
refcnt       : 1
selftest     : passed
internal     : no
type         : rng
seedsize     : 0

name         : crct10dif
driver       : crct10dif-generic
module       : kernel
priority     : 100
refcnt       : 2
selftest     : passed
internal     : no
type         : shash
blocksize    : 1
digestsize   : 2

name         : crc32c
driver       : crc32c-generic
module       : kernel
priority     : 100
refcnt       : 4
selftest     : passed
internal     : no
type         : shash
blocksize    : 1
digestsize   : 4

name         : ecb(arc4)
driver       : ecb(arc4)-generic
module       : kernel
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : blkcipher
blocksize    : 1
min keysize  : 1
max keysize  : 256
ivsize       : 0
geniv        : <default>

name         : arc4
driver       : arc4-generic
module       : kernel
priority     : 0
refcnt       : 3
selftest     : passed
internal     : no
type         : cipher
blocksize    : 1
min keysize  : 1
max keysize  : 256

name         : aes
driver       : aes-generic
module       : kernel
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : cipher
blocksize    : 16
min keysize  : 16
max keysize  : 32

name         : sha224
driver       : sha224-generic
module       : kernel
priority     : 0
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 64
digestsize   : 28

name         : sha256
driver       : sha256-generic
module       : kernel
priority     : 0
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 64
digestsize   : 32

name         : sha1
driver       : sha1-generic
module       : kernel
priority     : 0
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 64
digestsize   : 20

name         : digest_null
driver       : digest_null-generic
module       : kernel
priority     : 0
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 1
digestsize   : 0

name         : compress_null
driver       : compress_null-generic
module       : kernel
priority     : 0
refcnt       : 1
selftest     : passed
internal     : no
type         : compression

name         : ecb(cipher_null)
driver       : ecb-cipher_null
module       : kernel
priority     : 100
refcnt       : 1
selftest     : passed
internal     : no
type         : blkcipher
blocksize    : 1
min keysize  : 0
max keysize  : 0
ivsize       : 0
geniv        : <default>

name         : cipher_null
driver       : cipher_null-generic
module       : kernel
priority     : 0
refcnt       : 1
selftest     : passed
internal     : no
type         : cipher
blocksize    : 1
min keysize  : 0
max keysize  : 0

name         : sha224
driver       : sha224-ssse3
module       : kernel
priority     : 150
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 64
digestsize   : 28

name         : sha256
driver       : sha256-ssse3
module       : kernel
priority     : 150
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 64
digestsize   : 32

name         : sha1
driver       : sha1-ssse3
module       : kernel
priority     : 150
refcnt       : 1
selftest     : passed
internal     : no
type         : shash
blocksize    : 64
digestsize   : 20

name         : aes
driver       : aes-asm
module       : kernel
priority     : 200
refcnt       : 5
selftest     : passed
internal     : no
type         : cipher
blocksize    : 16
min keysize  : 16
max keysize  : 32

going to try to replicate with trunk. Be awhile

what your router's cpu ? i don't see your cpu support aes-ni instruction.

quad core; here's one (previous rev worked; this hardware / cpu)
cat /proc/cpuinfo

processor       : 1
vendor_id       : GenuineIntel
cpu family      : 6
model           : 58
model name      : Intel(R) Celeron(R) CPU 1037U @ 1.80GHz
stepping        : 9
microcode       : 0x1c
cpu MHz         : 1148.336
cache size      : 2048 KB
physical id     : 0
siblings        : 2
core id         : 1
cpu cores       : 2
apicid          : 2
initial apicid  : 2
fpu             : yes
fpu_exception   : yes
cpuid level     : 13
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer xsave lahf_lm cpuid_fault epb pti tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms xsaveopt dtherm arat pln pts
bugs            : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf
bogomips        : 3591.82
clflush size    : 64
cache_alignment : 64
address sizes   : 36 bits physical, 48 bits virtual
power management:

Celeron 1037U does not support aes-ni instruction set.
see here: https://ark.intel.com/content/www/us/en/ark/products/71995/intel-celeron-processor-1037u-2m-cache-1-80-ghz.html

this is my Pentium G2020 not support aes-ni, same of your too:

root@OpenWrt:~# cat /proc/crypto |grep aes
name         : aes
driver       : aes-generic
name         : aes
driver       : aes-asm
root@OpenWrt:~# openssl engine -t -c
(dynamic) Dynamic engine loading support
     [ unavailable ]

this my cpu Celeron J3355 have aes-ni:

root@ASR:~# cat /proc/crypto |grep aes
name         : xts(aes)
driver       : xts-aes-aesni
name         : ctr(aes)
driver       : ctr-aes-aesni
name         : cbc(aes)
driver       : cbc-aes-aesni
name         : ecb(aes)
driver       : ecb-aes-aesni
name         : gcm(aes)
driver       : generic-gcm-aesni
name         : __generic-gcm-aes-aesni
driver       : __driver-generic-gcm-aes-aesni
name         : rfc4106(gcm(aes))
driver       : rfc4106-gcm-aesni
name         : __gcm-aes-aesni
driver       : __driver-gcm-aes-aesni
name         : __xts(aes)
driver       : __xts-aes-aesni
name         : __ctr(aes)
driver       : __ctr-aes-aesni
name         : __cbc(aes)
driver       : __cbc-aes-aesni
name         : __ecb(aes)
driver       : __ecb-aes-aesni
name         : __aes
driver       : __aes-aesni
name         : aes
driver       : aes-aesni
name         : aes
driver       : aes-generic
name         : aes
driver       : aes-asm
root@ASR:~# openssl engine -t -c
(rdrand) Intel RDRAND engine
 [RAND]
     [ available ]
(dynamic) Dynamic engine loading support
     [ unavailable ]

is not the issue, that is for openssl specific engines, which I have as builtin. Don't need it

what I need is
root@SecureOffice:~# openssl engine -t -c
(cryptodev) BSD cryptodev engine
[RSA, DSA, DH, DES-CBC, DES-EDE3-CBC, AES-128-CBC, AES-192-CBC, AES-256-CBC, hmacWithMD5, MD5]
[ available ]
(rdrand) Intel RDRAND engine
[RAND]
[ available ]
(dynamic) Dynamic engine loading support
[ unavailable ]

in other words; the algs in /dev/crypto ([RSA, DSA, ...), which you are apparently not using. My /proc/crypto (kernel crypto modules) is OK

That /proc/crypto output tells me that you apparently have no hw-crypto that needs it.
/dev/crypto presence does not mean that there is any hardware-accelerated crypto available. By hw-accelerated, I'm not talking AES-NI, and other CPU instructions; from openssl point of view, they're 100% software (just another assembly instruction), and the default openssl provider most likely already uses them.
In openssl 1.1.1, the devcrypto engine only enables hardware-accelerated drivers by default. You can force the software drivers, restoring the old behavior, by using USE_SOFTDRIVERS=1. I strongly recommend against it. Read this for some more info:
https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators

If you want further help with this, especially if you're convinced that you do have hw-crypto, the output of openssl engine -t -c -pre DUMP_INFO is really helpful.
Here's the output from a WRT3200ACM (with hardware crypto):

# openssl engine -t -c -pre DUMP_INFO devcrypto
(devcrypto) /dev/crypto engine
Information about ciphers supported by the /dev/crypto engine:
Cipher DES-CBC, NID=31, /dev/crypto info: id=1, driver=mv-cbc-des (hw accelerated)
Cipher DES-EDE3-CBC, NID=44, /dev/crypto info: id=2, driver=mv-cbc-des3-ede (hw accelerated)
Cipher BF-CBC, NID=91, /dev/crypto info: id=3, CIOCGSESSION (session open call) failed
Cipher CAST5-CBC, NID=108, /dev/crypto info: id=4, CIOCGSESSION (session open call) failed
Cipher AES-128-CBC, NID=419, /dev/crypto info: id=11, driver=mv-cbc-aes (hw accelerated)
Cipher AES-192-CBC, NID=423, /dev/crypto info: id=11, driver=mv-cbc-aes (hw accelerated)
Cipher AES-256-CBC, NID=427, /dev/crypto info: id=11, driver=mv-cbc-aes (hw accelerated)
Cipher RC4, NID=5, /dev/crypto info: id=12, CIOCGSESSION (session open call) failed
Cipher AES-128-CTR, NID=904, /dev/crypto info: id=21, driver=ctr-aes-neonbs (software)
Cipher AES-192-CTR, NID=905, /dev/crypto info: id=21, driver=ctr-aes-neonbs (software)
Cipher AES-256-CTR, NID=906, /dev/crypto info: id=21, driver=ctr-aes-neonbs (software)
Cipher AES-128-ECB, NID=418, /dev/crypto info: id=23, driver=mv-ecb-aes (hw accelerated)
Cipher AES-192-ECB, NID=422, /dev/crypto info: id=23, driver=mv-ecb-aes (hw accelerated)
Cipher AES-256-ECB, NID=426, /dev/crypto info: id=23, driver=mv-ecb-aes (hw accelerated)
Cipher CAMELLIA-128-CBC, NID=751, /dev/crypto info: id=101, CIOCGSESSION (session open call) failed
Cipher CAMELLIA-192-CBC, NID=752, /dev/crypto info: id=101, CIOCGSESSION (session open call) failed
Cipher CAMELLIA-256-CBC, NID=753, /dev/crypto info: id=101, CIOCGSESSION (session open call) failed

Information about digests supported by the /dev/crypto engine:
Digest MD5, NID=4, /dev/crypto info: id=13, driver=mv-md5 (hw accelerated), CIOCCPHASH capable
Digest SHA1, NID=64, /dev/crypto info: id=14, driver=mv-sha1 (hw accelerated), CIOCCPHASH capable
Digest RIPEMD160, NID=117, /dev/crypto info: id=102, driver=unknown. CIOCGSESSION (session open) failed
Digest SHA224, NID=675, /dev/crypto info: id=103, driver=sha224-neon (software), CIOCCPHASH capable
Digest SHA256, NID=672, /dev/crypto info: id=104, driver=mv-sha256 (hw accelerated), CIOCCPHASH capable
Digest SHA384, NID=673, /dev/crypto info: id=105, driver=sha384-neon (software), CIOCCPHASH capable
Digest SHA512, NID=674, /dev/crypto info: id=106, driver=sha512-neon (software), CIOCCPHASH capable

[Success]: DUMP_INFO
 [DES-CBC, DES-EDE3-CBC, AES-128-CBC, AES-192-CBC, AES-256-CBC, AES-128-ECB, AES-192-ECB, AES-256-ECB, MD5, SHA1, SHA256]
     [ available ]

Here's the output from my x86_64 machine (sotware only, but AES-NI), with the USE_SOFTDRIVERS=1:

openssl engine -t -c -pre DUMP_INFO devcrypto
(devcrypto) /dev/crypto engine
Information about ciphers supported by the /dev/crypto engine:
Cipher DES-CBC, NID=31, /dev/crypto info: id=1, driver=cbc(des-generic) (software)
Cipher DES-EDE3-CBC, NID=44, /dev/crypto info: id=2, driver=cbc(des3_ede-generic) (software)
Cipher BF-CBC, NID=91, /dev/crypto info: id=3, driver=cbc-blowfish-asm (software)
Cipher CAST5-CBC, NID=108, /dev/crypto info: id=4, CIOCGSESSION (session open call) failed
Cipher AES-128-CBC, NID=419, /dev/crypto info: id=11, driver=cbc-aes-aesni (software)
Cipher AES-192-CBC, NID=423, /dev/crypto info: id=11, driver=cbc-aes-aesni (software)
Cipher AES-256-CBC, NID=427, /dev/crypto info: id=11, driver=cbc-aes-aesni (software)
Cipher RC4, NID=5, /dev/crypto info: id=12, CIOCGSESSION (session open call) failed
Cipher AES-128-CTR, NID=904, /dev/crypto info: id=21, driver=ctr-aes-aesni (software)
Cipher AES-192-CTR, NID=905, /dev/crypto info: id=21, driver=ctr-aes-aesni (software)
Cipher AES-256-CTR, NID=906, /dev/crypto info: id=21, driver=ctr-aes-aesni (software)
Cipher AES-128-ECB, NID=418, /dev/crypto info: id=23, driver=ecb-aes-aesni (software)
Cipher AES-192-ECB, NID=422, /dev/crypto info: id=23, driver=ecb-aes-aesni (software)
Cipher AES-256-ECB, NID=426, /dev/crypto info: id=23, driver=ecb-aes-aesni (software)
Cipher CAMELLIA-128-CBC, NID=751, /dev/crypto info: id=101, driver=cbc-camellia-aesni (software)
Cipher CAMELLIA-192-CBC, NID=752, /dev/crypto info: id=101, driver=cbc-camellia-aesni (software)
Cipher CAMELLIA-256-CBC, NID=753, /dev/crypto info: id=101, driver=cbc-camellia-aesni (software)

Information about digests supported by the /dev/crypto engine:
Digest MD5, NID=4, /dev/crypto info: id=13, driver=md5-generic (software), CIOCCPHASH capable
Digest SHA1, NID=64, /dev/crypto info: id=14, driver=sha1-avx (software), CIOCCPHASH capable
Digest RIPEMD160, NID=117, /dev/crypto info: id=102, driver=rmd160-generic (software), CIOCCPHASH capable
Digest SHA224, NID=675, /dev/crypto info: id=103, driver=sha224-avx (software), CIOCCPHASH capable
Digest SHA256, NID=672, /dev/crypto info: id=104, driver=sha256-avx (software), CIOCCPHASH capable
Digest SHA384, NID=673, /dev/crypto info: id=105, driver=sha384-avx (software), CIOCCPHASH capable
Digest SHA512, NID=674, /dev/crypto info: id=106, driver=sha512-avx (software), CIOCCPHASH capable

[Success]: DUMP_INFO
 [DES-CBC, DES-EDE3-CBC, BF-CBC, AES-128-CBC, AES-192-CBC, AES-256-CBC, AES-128-CTR, AES-192-CTR, AES-256-CTR, AES-128-ECB, AES-192-ECB, AES-256-ECB, CAMELLIA-128-CBC, CAMELLIA-192-CBC, CAMELLIA-256-CBC, MD5, SHA1, RIPEMD160, SHA224, SHA256, SHA384, SHA512]
     [ available ]

Here's the most important part of my /proc/crypto from openwrt:

# cat /proc/crypto | egrep -A 3 aes | egrep '^(--|name|driver|priority)'
name         : __ctr(aes)
driver       : cryptd(__ctr-aes-neonbs)
priority     : 300
--
name         : xts(aes)
driver       : xts-aes-neonbs
priority     : 250
--
name         : ctr(aes)
driver       : ctr-aes-neonbs
priority     : 250
--
name         : cbc(aes)
driver       : cbc-aes-neonbs
priority     : 250
--
name         : ecb(aes)
driver       : ecb-aes-neonbs
priority     : 250
--
name         : __xts(aes)
driver       : __xts-aes-neonbs
priority     : 250
--
name         : __ctr(aes)
driver       : __ctr-aes-neonbs
priority     : 250
--
name         : __cbc(aes)
driver       : __cbc-aes-neonbs
priority     : 250
--
name         : __ecb(aes)
driver       : __ecb-aes-neonbs
priority     : 250
--
name         : cbc(aes)
driver       : mv-cbc-aes
priority     : 300
--
name         : ecb(aes)
driver       : mv-ecb-aes
priority     : 300
--
name         : aes
driver       : aes-generic
priority     : 100
--
name         : aes
driver       : aes-arm
priority     : 200

I hope this helps.
Cheers