[openssl/openssl] dd1d7b: Improve FIPS RSA keygen performance.
Shane
noreply at github.com
Mon Nov 21 10:20:04 UTC 2022
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: dd1d7bcb69994d81662e709b0ad838880b943870
https://github.com/openssl/openssl/commit/dd1d7bcb69994d81662e709b0ad838880b943870
Author: slontis <shane.lontis at oracle.com>
Date: 2022-11-21 (Mon, 21 Nov 2022)
Changed paths:
M crypto/bn/bn_gcd.c
M crypto/bn/bn_rsa_fips186_4.c
M doc/man3/BN_cmp.pod
M include/openssl/bn.h
M test/bntest.c
M util/libcrypto.num
Log Message:
-----------
Improve FIPS RSA keygen performance.
FIPS 186-4 has 5 different algorithms for key generation,
and all of them rely on testing GCD(a,n) == 1 many times.
Cachegrind was showing that during a RSA keygen operation,
the function BN_gcd() was taking a considerable percentage
of the total cycles.
The default provider uses multiprime keygen, which seemed to
be much faster. This is because it uses BN_mod_inverse()
instead.
For a 4096 bit key, the entropy of a key that was taking a
long time to generate was recorded and fed back into subsequent
runs. Roughly 40% of the cycle time was BN_gcd() with most of the
remainder in the prime testing. Changing to use the inverse
resulted in the cycle count being 96% in the prime testing.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19578)
More information about the openssl-commits
mailing list