| [afalg_sect] |
| # Leave this alone and configure algorithms with CIPERS/DIGESTS below |
| default_algorithms = ALL |
| |
| # The following commands are only available if using the alternative |
| # (sync) AFALG engine |
| # Configuration commands: |
| # Run 'openssl engine -t -c -vv -pre DUMP_INFO devcrypto' to see a |
| # list of supported algorithms, along with their driver, whether they |
| # are hw accelerated or not, and the engine's configuration commands. |
| |
| # USE_SOFTDRIVERS: specifies whether to use software (not accelerated) |
| # drivers (0=use only accelerated drivers, 1=allow all drivers, 2=use |
| # if acceleration can't be determined) [default=2] |
| #USE_SOFTDRIVERS = 2 |
| |
| # CIPHERS: either ALL, NONE, NO_ECB (all except ECB-mode) or a |
| # comma-separated list of ciphers to enable [default=NO_ECB] |
| # Starting in 1.2.0, if you use a cipher list, each cipher may be |
| # followed by a colon (:) and the minimum request length to use |
| # AF_ALG drivers for that cipher; smaller requests are processed by |
| # softare; a negative value will use the default for that cipher |
| #CIPHERS=AES-128-CBC:1024, AES-256-CBC:768, DES-EDE3-CBC:0 |
| |
| # DIGESTS: either ALL, NONE, or a comma-separated list of digests to |
| # enable [default=NONE] |
| # It is strongly recommended not to enable digests; their performance |
| # is poor, and there are many cases in which they will not work, |
| # especially when calling fork with open crypto contexts. Openssh, |
| # for example, does this, and you may not be able to login. |
| #DIGESTS = NONE |
| |