Introduction

This document provides common examples of using the encryption and decryption module as well as the compression module of the Kunpeng Accelerator Engine (KAE) to help you use KAE in specific scenarios.

The restrictions on some algorithms are as follows:

• If you have not purchased a KAE license, do not use KAE to call the algorithms. Otherwise, the performance of the OpenSSL encryption algorithm may be affected.
• The SM4-XTS mode can be used only in kernel space. For details, see Using KAE to Improve SM4-XTS Algorithm Performance.
• The SM4 performance in synchronous mode is better than that in asynchronous mode in small-packet scenarios (packet size smaller than 2 KB). In such cases, the synchronous mode is recommended.
• AES has implemented acceleration of software instruction sets on the AArch64 platform. Hardware-based acceleration has obvious asynchronous performance advantages over OpenSSL in medium- or large-packet scenarios (packet size: 16 KB to 256 KB). In such cases, hardware-based acceleration is recommended.
• The SM4 and AES asynchronous modes support the data size of 256 KB or less. If the data size is greater than 256 KB, the synchronous mode is used for calculation.
• The MD5 algorithm cannot prevent collision attacks and is not applicable to security authentication, such as SSL public key authentication or digital signature.
• The SM3 and SM4 algorithms are enabled by default. You can enable or disable the two algorithms in the openssl.cnf file.
• zlib, gzip, zstd, and LZ4 algorithms can be used for compression and decompression.