How do I enable AES-NI (hardware acceleration) for Node.js crypto on Linux?

Question

I wrote a basic function to test the speed of the AES-256-CBC mode of the Node.js built-in crypto functions. These functions use OpenSSL, so they should support AES-NI, but when I correctly enable AES-NI and do a command-line test of OpenSSL the encryption speed is ~350MB/s on OpenSSL and only ~100MB/s on Node.js Crypto.

I used this answer to enable OpenSSL AES-NI in the command line and ran it as follows:

openssl speed -evp aes-256-cbc

My question is, how do I make the speed of the Node.js crypto functions for AES match that of OpenSSL run in the command line? I suspect the reason is failure to use AES-NI

Answer 1

It seems that this was not correctly enabled until the latest release v0.12 (that was just released publicly).

Some of the notes are available here http://strongloop.com/strongblog/performance-node-js-v-0-12-whats-new/

Answer 2

No, you are doing it right. The performance of OpenSSL in Node is a bit disappointing. Most production Node.js deployments terminate SSL connections in something other than Node.js and then forward the unencrypted connections to Node.js.