On Wed, Jan 30, 2008 at 09:32:34PM +0200, Paul Sheer wrote:
> Hi,
>
> I have a BMC5825 card from Silicom that is supposed to do over
> 10'000 rsa per second.
Never going to happen. The context switches to talk to the
accellerator are too expensive, and OpenSSL doesn't support (nor
have any way to support) modern accellerators' SSL-handshake nor
SSL-record operations.
2000/sec is a good place to be, on a client. Expect less on a
server, unfortunately.
> I replaced OPENSSL_cleanse() {...} with { memset(); } already
> - IT WAS THE TOP FUNCTION IN MY FIRST GPROF RUN!!!!!
Yes. This is the OPENSSL_cleanse() of a maximum-sized SSL record,
right at the outset of any session. It is amazingly expensive, but
I have had trouble ascertaining whether it can be safely arranged
for it to zero less data.
If any of the OpenSSL developers are listening, I would really love
some feedback on this.
> The card supports hardware SHA1 and MD5 - but it's not used
> because OpenSSL divides each md operation into an init(),
> update() and final() stage. But the card wants a one shot.
> So the crypto card API does not fit the software API
Which version of OpenSSL are you using? It appears that in -current
an engine can provide an HMAC method, and the Broadcom hardware does
directly support HMAC. The old way, where engines saw only raw hash
operations (MD5 or SHA) even though SSLv3 or TLS was doing HMAC, was
completely insane.
I wish there were a way for an engine to provide an SSL-record-encryption
or -decryption method. Most modern accellerators do those, too.
Thor
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
