The following reply was made to PR bin/32414; it has been noted by GNATS.

From: Thor Lancelot Simon <tls@rek.tjls.com>
To: ijk@speakeasy.net, rjs@fdy2.demon.co.uk
Cc: gnats-bugs@netbsd.org
Subject: Re: bin/32414
Date: Wed, 7 Jun 2006 20:09:32 -0400

 A few things of note:
 
 1) You can't test symmetric ciphers in OpenSSL engines with "openssl speed"
    unless you use the -evp parameter.  So this is correct:
 
    openssl speed -engine cryptodev -evp aes128
 
 or
 
    openssl speed -engine cryptodev -evp des-ede3-cbc
 
 but not this:
 
    openssl speed -engine cryptodev aes
 
 or
    openssl speed -engine cryptodev des
 
 This is due to a bogosity in the way "openssl speed" is implemented, as well
 as a bogosity in the way "engines" are integrated into OpenSSL.
 
 2) I need to know which crypto hardware *exactly* the people reporting
    this problem (both Robert and Jeff) have, and what systems it's in,
    and whether it has been proven to work with earlier NetBSD kernels
    or OpenSSL libraries.  This is because the Hifn 795[56] have a severe
    hardware bug that, for some PCI cards on some PCI buses, can cause
    the chip to lock up and return garbage for all register reads.  So
    it is possible that the chip is working at boot time but quickly
    *stops* working at some point afterwards.
 
    I've seen this problem with Soekris 14xx cards on Soekris net45xx
    systems, but others have seen it elsewhere.  It can't be worked around
    in software. :-/
 
 Thor