diff options
| author | slontis <shane.lontis@oracle.com> | 2022-11-02 12:01:34 +1000 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-11-21 11:17:59 +0100 |
| commit | dd1d7bcb69994d81662e709b0ad838880b943870 (patch) | |
| tree | f24c3ce03aa4d0bd374ce4cba03d0968cd886b9c /util | |
| parent | 88113f5dc6828694820d39612c3a760e386a0aa5 (diff) | |
| download | openssl-new-dd1d7bcb69994d81662e709b0ad838880b943870.tar.gz | |
Improve FIPS RSA keygen performance.
FIPS 186-4 has 5 different algorithms for key generation,
and all of them rely on testing GCD(a,n) == 1 many times.
Cachegrind was showing that during a RSA keygen operation,
the function BN_gcd() was taking a considerable percentage
of the total cycles.
The default provider uses multiprime keygen, which seemed to
be much faster. This is because it uses BN_mod_inverse()
instead.
For a 4096 bit key, the entropy of a key that was taking a
long time to generate was recorded and fed back into subsequent
runs. Roughly 40% of the cycle time was BN_gcd() with most of the
remainder in the prime testing. Changing to use the inverse
resulted in the cycle count being 96% in the prime testing.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19578)
Diffstat (limited to 'util')
| -rw-r--r-- | util/libcrypto.num | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num index 1db533d4a2..4d46195c8c 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5430,6 +5430,7 @@ OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: EVP_RAND_CTX_up_ref ? 3_1_0 EXIST::FUNCTION: RAND_set0_public ? 3_1_0 EXIST::FUNCTION: RAND_set0_private ? 3_1_0 EXIST::FUNCTION: +BN_are_coprime ? 3_1_0 EXIST::FUNCTION: X509_PUBKEY_set0_public_key ? 3_2_0 EXIST::FUNCTION: OSSL_STACK_OF_X509_free ? 3_2_0 EXIST::FUNCTION: EVP_MD_CTX_dup ? 3_2_0 EXIST::FUNCTION: |