FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

imx6ul: RSA 2048 bit key generation in CAAM acceleration

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

imx6ul: RSA 2048 bit key generation in CAAM acceleration

Jump to solution
‎05-04-2023 08:08 PM
893 Views
juan_tang
Contributor III

HI sir,

Platform:imx6ul

BSP:L4.1.15_ 2.0.0_ GA's patch

Function:RSA 2048 bit key generation in CAAM acceleration

Need support: 

I refer to the three patches in the link below,

#Enhance cryptodev and its engine in OpenSSL by CAA... - NXP Community

微信图片_20230505105930.png

then RSA acceleration, found that the generated key is invalid. checking the code, I feel like In function cryptodev_bn_miller_rabin( ) ,The return value judgment of the function cryptodev_bn_check_small_factors( ) is not comprehensive and may result in misjudgment. After trying to make the corrections, the key generated is normal, but the speed is slower than that of OpenSSL pure software. How fast can I generate 2048bit keys by using RSA hardware acceleration normally? Is there an optimized version of this patch?

Labels (3)
Labels
0 Kudos
Reply
1 Solution

Jump to solution
‎05-04-2023 11:53 PM
876 Views
kef2
Senior Contributor V
  • he return value judgment of the function cryptodev_bn_check_small_factors( ) is not comprehensive and may result in misjudgment. After trying to make the corrections, the key generated is normal,

Could you provide your variant, please? 

  • but the speed is slower than that of OpenSSL pure software.

Hashes and encryption are as well slower for smaller data blocks, yet it still offloads CPU and CPU can do other tasks while waiting for crypto result. If you generate just few RSA keys, it may have no sense to use CAAM for RSA, it depends on app.

View solution in original post

Reply
3 Replies

Jump to solution
‎05-08-2023 01:54 AM
842 Views
Harvey021
NXP TechSupport
NXP TechSupport

Hi @juan_tang 

Use cryptodev, mainly offload CPU at present. The performance is not as good as the CPU.

 

Best regards

Harvey

Reply

Jump to solution
‎05-08-2023 06:26 PM
831 Views
juan_tang
Contributor III

Got it ,thanks for your support

0 Kudos
Reply

Jump to solution
‎05-04-2023 11:53 PM
877 Views
kef2
Senior Contributor V
  • he return value judgment of the function cryptodev_bn_check_small_factors( ) is not comprehensive and may result in misjudgment. After trying to make the corrections, the key generated is normal,

Could you provide your variant, please? 

  • but the speed is slower than that of OpenSSL pure software.

Hashes and encryption are as well slower for smaller data blocks, yet it still offloads CPU and CPU can do other tasks while waiting for crypto result. If you generate just few RSA keys, it may have no sense to use CAAM for RSA, it depends on app.

Reply