# Acc. support for the NIST P-224 and P-256 groups in openssl.

## olek

When running tor, I get this message:

 *Quote:*   

> 
> 
> We were built to run on a 64-bit CPU, with OpenSSL 1.0.1 or later, but with a version of OpenSSL that apparently lacks accelerated support for the NIST P-224 and P-256 groups. Building openssl with such support (using the enable-ec_nistp_64_gcc_128 option when configuring it) would make ECDH much faster.

 

And the ebuild lacks a USE-flag for this. Is this intended? Would it be safe to manually put the option in the ebuild? Unfortunately I don't have a testing environment right now.

----------

## Chaser Andrey

bump

----------

## ojbyer

Apparently this is fixed if you install the ~arch version of openssl.

----------

## ycUygB1

I have added a version of OpenSSL to my overlay (hnaparst) that has a nist use flag turned on by default.

----------

