Hw or Sw opimized ECDSA ? #48
Comments
|
OpenSSL mainline (master) has all relevant CPACF support: ECDSA (P-256/384/521) keygen, sign, verify, EdDSA (ed25519,ed448) keygen, sign, verify, ECDH (P-256/384/521, X25519, X448), all of SHA-2 and SHA3/SHAKE, AES-GCM,CCM,CBC,XTS,ECB,CFB,OFB,CTR plus Vectorized Chacha20 and Poly1305. That list basically sums up most of my OpenSSL contributions in the last years .. The 1.1.1. backports should already be included in RHEL's OpenSSL package. I think i provided my branch for that purpose: The following PR is an effort to get the backports merged to 1.1.1 : openssl/openssl#11188 |
|
@p-steuer does this mean this code can be dropped and turned into a wrapper around OpenSSL's ECDSA signing/verification code ? |
Looking at this code it seems to me this function indicates that some cryptography function here is implemented via CPU provided optimized instructions (CPACF) not an external HW accelerator:
libica/src/s390_ecc.c
Line 1418 in cb98c51
If that is the case it seem here OpenSSL's ECDSA implemenation should be used, and support to utilize CPACF should be contributed to mainline OpenSSL so ECDSA is always as fast as possible.
Is there something preventing regular OpenSSL from using CPACF instructions directly when compiled on S390 ?
The text was updated successfully, but these errors were encountered: