imx6ul: RSA 2048 bit key generation in CAAM acceleration

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

imx6ul: RSA 2048 bit key generation in CAAM acceleration

Jump to solution
597 Views
juan_tang
Contributor II

HI sir,

Platform:imx6ul

BSP:L4.1.15_ 2.0.0_ GA's patch

Function:RSA 2048 bit key generation in CAAM acceleration

Need support: 

I refer to the three patches in the link below,

#Enhance cryptodev and its engine in OpenSSL by CAA... - NXP Community

微信图片_20230505105930.png

then RSA acceleration, found that the generated key is invalid. checking the code, I feel like In function cryptodev_bn_miller_rabin( ) ,The return value judgment of the function cryptodev_bn_check_small_factors( ) is not comprehensive and may result in misjudgment. After trying to make the corrections, the key generated is normal, but the speed is slower than that of OpenSSL pure software. How fast can I generate 2048bit keys by using RSA hardware acceleration normally? Is there an optimized version of this patch?

Labels (3)
0 Kudos
1 Solution
580 Views
kef2
Senior Contributor IV
  • he return value judgment of the function cryptodev_bn_check_small_factors( ) is not comprehensive and may result in misjudgment. After trying to make the corrections, the key generated is normal,

Could you provide your variant, please? 

  • but the speed is slower than that of OpenSSL pure software.

Hashes and encryption are as well slower for smaller data blocks, yet it still offloads CPU and CPU can do other tasks while waiting for crypto result. If you generate just few RSA keys, it may have no sense to use CAAM for RSA, it depends on app.

View solution in original post

3 Replies
546 Views
Harvey021
NXP TechSupport
NXP TechSupport

Hi @juan_tang 

Use cryptodev, mainly offload CPU at present. The performance is not as good as the CPU.

 

Best regards

Harvey

535 Views
juan_tang
Contributor II

Got it ,thanks for your support

0 Kudos
581 Views
kef2
Senior Contributor IV
  • he return value judgment of the function cryptodev_bn_check_small_factors( ) is not comprehensive and may result in misjudgment. After trying to make the corrections, the key generated is normal,

Could you provide your variant, please? 

  • but the speed is slower than that of OpenSSL pure software.

Hashes and encryption are as well slower for smaller data blocks, yet it still offloads CPU and CPU can do other tasks while waiting for crypto result. If you generate just few RSA keys, it may have no sense to use CAAM for RSA, it depends on app.