Hi Joel, We had a performance issue when running openssl with cryptodev, and we found that the root cause is how the openssl is using message digest offloading. OpenSSL is build to use MD to generate random numbers when cryptodev eng is present in the system. The OpenSSL RAND function is creating a storm of MD request, that (in our case) had impacted our performance.
What we have done - we had compiled openssl with symmetric ciphering offloading support, removing message digest offloading. CFLAG += "-DHAVE_CRYPTODEV" remove -DUSE_CRYPTODEV_DIGESTS Regards, Mircea -----Original Message----- From: Cryptodev-linux-devel [mailto:cryptodev-linux-devel-boun...@gna.org] On Behalf Of Joel Fernandes Sent: Tuesday, June 24, 2014 6:14 AM To: cryptodev-linux-devel@gna.org Cc: Prabhu, Rahul; Rao, Dipa Subject: [Cryptodev-linux-devel] Break down of https with cryptodev loaded Hi, I'm not able to even download a file from https with cryptodev loaded. I'm using OpenSSL 1.0.1g with cryptodev-linux v1.6 loaded, when I run the following: wget https://dl.google.com/linux/direct/google-chrome-stable_current_i386.deb --secure-protocol=TLSv1 --no-check-certificate I see something like this.. OpenSSL: error:0606C06E:digital envelope routines:EVP_VerifyFinal:wrong public key type OpenSSL: error:1408D07B:SSL routines:SSL3_GET_KEY_EXCHANGE:bad signature Unable to establish SSL connection. Without cryptodev loaded, everything works fine and the download completes. Any idea what may be going on? It appears that there are a lot of cryptodev_hash functions being called before the error. Appreciate it if someone with more experience on cryptodev can provide any useful debug tips or try to reproduce the issue and provide any fixes. I am trying to look into it too. Thanks, Joel Fernandes _______________________________________________ Cryptodev-linux-devel mailing list Cryptodev-linux-devel@gna.org https://mail.gna.org/listinfo/cryptodev-linux-devel _______________________________________________ Cryptodev-linux-devel mailing list Cryptodev-linux-devel@gna.org https://mail.gna.org/listinfo/cryptodev-linux-devel
