-
Notifications
You must be signed in to change notification settings - Fork 19
/
README
112 lines (98 loc) · 3.07 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
OpenSSL engine for uadk
=================
- [Prerequisites](#prerequisites)
- [Installation Instruction](#installation-instruction)
- [Build & Install OpenSSL](#build-&-install-openssl)
- [Build & Install UADK](#build-&-install-uadk)
- [Build & Install OpenSSL UADK engine](#build-&-install-openssl-uadk-engine)
- [Testing](#testing)
Prerequisites
=============
* CPU: aarch64
* OpenSSL: 1.1.1f
* libnuma
* zlib
Installation Instruction
========================
Build & Install OpenSSL
-----------------------
```
git clone https://github.com/openssl/openssl.git
cd openssl
git checkout -b OpenSSL_1_1_1f OpenSSL_1_1_1f
./config -Wl,-rpath=/usr/local/lib
make
make test
sudo make install
openssl version
```
Build & Install UADK
--------------------
```
git clone https://github.com/Linaro/uadk.git
cd uadk
./cleanup.sh
./autogen.sh
./conf.sh
make
sudo make install
```
* If get error:"cannot find -lnuma", please install the libnuma-dev
* If get error:"fatal error: zlib.h: No such file or directory", please install zlib.
Build & Install OpenSSL UADK Engine
-----------------------------------
```
git clone https://github.com/Linaro/openssl-uadk.git
cd openssl-uadk
autoreconf -i
./configure --libdir=/usr/local/lib/engines-1.1/ --enable-kae
make
sudo make install
Option --enable-kae can be chosen to enable KAE for non-sva version
```
Testing
-------
```
./test/sanity_test.sh
```
Environment variable of uadk engine
===================================
Introduction
------------
Through the environment variable function, users can configure the number of
queue resources that can be applied by different algorithms by setting the
algorithm switch in the openssl.cnf file.
Usage
-----
1. Firstly, modify the openssl.cnf file, add the following settings at the beginning of this file:
```
openssl_cnf = openssl_def
[openssl_def]
engines = engine_section
[engine_section]
uadk_engine = uadk_section
[uadk_section]
UADK_CMD_ENABLE_RSA_ENV = 1
UADK_CMD_ENABLE_DH_ENV = 1
UADK_CMD_ENABLE_CIPHER_ENV = 1
UADK_CMD_ENABLE_DIGEST_ENV = 1
UADK_CMD_ENABLE_ECC_ENV = 1
```
Note: * The number 1 for enable environment variable, and 0 for disable environment variable.
* By default, you can find openssl.cnf file under /usr/local/ssl/ path.
2. Secondly, use "export" command to set queue number.
For example,
```
export WD_RSA_CTX_NUM="sync:2@0,async:4@0"
export WD_DH_CTX_NUM="sync:2@0,async:4@0"
export WD_CIPHER_CTX_NUM="sync:2@2,async:4@2"
export WD_DIGEST_CTX_NUM="sync:2@2,async:4@2"
export WD_ECC_CTX_NUM="sync:2@0,async:4@0"
```
Note: * You can write these commands into ~/.bashrc file and source it, or just
input temporarily.
* "sync" indicates synchronous mode, "async" indicates asynchronous mode.
* "sync:2@0" means request 2 queues on numa-0 node, under synchronous mode.
* "async:2@0" means request 2 queues on numa-0 node, under asynchronous mode.
* If you do not perform the second step, the engine will use the default
setting:"sync:2@0, async:2@0" to request queues from hardware.