[Ocf-linux-users] How stable is Openssl Configuration Option --with-cryptodev-digests?

[nikos k. <kar...@wi...>]

Hello!
I have some questions concerning the openssl configuration option --with-cryptodev-digests.
1. Does the option --with-cryptodev-digests is necessary only for MD5/SHA hardware acceleration?	  2. In addition by applying the openssl-0.9.8r.patch (in order to use the OCF from openssl) i had some compilation problems with the option --with-cryptodev-digests.The reasons have to do with some inactive pieces of code (#if 0) inside of some files of openssl.
For example in fileopenssl-0.9.8r\crypto\engine\eng_cryptodev.c at line 146#if 0static struct {	int	id;	int	nid;} digests[] = {	{ CRYPTO_SHA1_HMAC,		NID_hmacWithSHA1,	},	{ CRYPTO_RIPEMD160_HMAC,	NID_ripemd160,		},	{ CRYPTO_MD5_KPDK,		NID_undef,		},	{ CRYPTO_SHA1_KPDK,		NID_undef,		},	{ CRYPTO_MD5,			NID_md5,		},	{ CRYPTO_SHA1,			NID_undef,		},	{ 0,				NID_undef,		},};#endif
there is a piece of code inside at #if 0In order to compile with --with-cryptodev-digests i replace the #if 0 with #ifdef USE_CRYPTODEV_DIGESTS Is this the suitable procedure for compilation with --with-cryptodev-digests? Why openssl has these pieces of code inactive?
3. Also with --with-cryptodev-digests there are some reported problems e.g.http://sourceforge.net/mailarchive/forum.php?forum_name=ocf-linux-users&max_rows=25&style=nested&viewmonth=200805
Some problems i encountered also by myselfBy run the comand 
# openssl x509 -in usercert.pem -signkey userkey.pem -out cert.crti take the error:
Getting Private key5480:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:99:5480:error:0D0C3006:asn1 encoding routines:ASN1_item_sign:EVP lib:a_sign.c:281:
By removing the option --with-cryptodev-digests this error was disappeared.
What is the directives concerning the --with-cryptodev-digests?Is it stable? How we can overcome such problems (EVP_SignFinal:wrong public key type)?
Thanks a lot!