[Bug 1602655] Comment bridged from LTC Bugzilla
bugproxy
bugproxy at us.ibm.com
Thu Jul 14 13:21:11 UTC 2016
------- Comment From Bastian.Pfeifer at de.ibm.com 2016-07-14 09:08 EDT-------
Hi,
that's right !
A workaround would be to configure the IBMCA engine into openssl (openssl.cnf).
However, as the Polyakov code directly make use of the CPACF instructions we will end up with about
50 % performance degradation compared to the 'longer' way through the libica API for small payloads.
For the asymmetric case, when no CEX5 cards are available, we will still
have a factor ~4. You remember the 'bn_mult_add_words' improvements,
right ?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1602655
Title:
The openssl s390x assembly pack is not used
Status in Ubuntu on IBM z Systems:
Confirmed
Status in openssl package in Ubuntu:
Confirmed
Status in openssl source package in Xenial:
New
Bug description:
The openssl s390x assembly code is not available, causing a fallback to openssl internal C-code.
The performance degradation is up to a factor 4 for asymmetric (RSA, ...) and a factor >10 for symmetric cipher like SHA & AES.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1602655/+subscriptions
More information about the foundations-bugs
mailing list