[gnutls-help] Support AF_ALG crypto in Linux
A L
mail at lechevalier.se
Thu Jul 23 17:36:51 CEST 2020
Hi,
These days all AMD CPUs have a on-board Crypotographic CoProcessor
(CCP), which is part of the Platform Security Processor (PSP). It has
hardware encryption and decryption as well as a randnr generator. In
current Kernels, the CCP is available throuh AF_ALG interface.
I do not think that GnuTLS supports this. Doing a web search I found
only one reference to a 2 year old patch:
https://gitlab.com/gnutls/gnutls/-/issues/308
IMHO it would be great if GnuTLS would consider adding support for this.
On my AMD Athlon 3000G, OpenSSL generated almost 30x performance
increase with AF_ALG enabled!
Relevant kernel doc:
https://www.kernel.org/doc/html/v5.7/crypto/userspace-if.html
Anders
More information about the Gnutls-help
mailing list