文档
我要评分
获取效率
正确性
完整性
易理解
提交关闭

Application Cases

  1. Install the KAE by referring to Installing the KAE Software.
  2. View the KAE library.
    1
    		 
    ll /usr/local/lib/engines-1.1

  3. Configure OpenSSL to call the KAE library (that is, configure OpenSSL environment variables).
    1. Check the OpenSSL installation path (OPENSSLDIR). 
      openssl version -a
      • CentOS:

      • openEuler:

        Default path of the OpenSSL configuration file.

        • CentOS: 
          cat /usr/local/ssl/openssl.cnf
        • openEuler: 
          cat /etc/pki/tls/openssl.cnf
    2. Create an OpenSSL configuration file. 
      vim /home/openssl.cnf
    3. Press i to enter the insert mode and write the KAE content to the OpenSSL configuration file. 
      openssl_conf=openssl_def
[openssl_def]
engines=engine_section
[engine_section]
kae=kae_section
[kae_section]
engine_id=kae
dynamic_path=/usr/local/lib/engines-1.1/kae.so
default_algorithms=ALL
init=1
    4. Press Esc, type :wq!, and press Enter to save the file and exit.
    5. Check the OpenSSL configuration file. 
      cat /home/openssl.cnf
    6. Open profile. 
      vi /etc/profile
    7. Add the following content. Save the file and exit. 
      export OPENSSL_CONF=/home/openssl.cnf
    8. Make the environment variables take effect. If the system is restarted, you need to run the command again. 
      source /etc/profile
    9. Check the environment variables. 
      echo $OPENSSL_CONF

      Restore the default library called by OpenSSL.

      1. Open profile. 
        vi /etc/profile
      2. Delete the following content. Save the file and exit. 
        export OPENSSL_CONF=/home/openssl.cnf
      3. Make the environment variables take effect. 
        source /etc/profile
        unset OPENSSL_CONF
      4. Check the environment variables. 
        echo $OPENSSL_CONF
  4. Check that the KAE library has taken effect.

    Method 1: Test the RSA2048 algorithm performance.

    During the performance test of the RSA2048 algorithm, check the value of the KAE resource queue (256 by default). If the value decreases, the KAE library has taken effect.

    There are two methods to test the RSA2048 algorithm performance: synchronous performance test and asynchronous performance test. Because OpenSSL environment variables have been configured, the KAE library can be called even though you do not specify the KAE in the performance test command.

    1. Test the synchronization performance. 
      openssl speed -elapsed rsa2048
    2. Test the asynchronous performance. 
      openssl speed -elapsed -async_jobs 36 rsa2048
    3. Check the KAE resource queue value (256 by default). If the value decreases, the KAE library has taken effect. 
      cat /sys/class/uacce/hisi_hpre-*/attrs/available_instances
Or
watch -d cat /sys/class/uacce/hisi_hpre-*/attrs/available_instances

    Method 2: Test the HTTPS short connection performance.

    During the HTTPS short connection performance test, check the value of the KAE resource queue (256 by default). If the value decreases, the KAE library has taken effect.

    There are two methods to test the HTTPS short connection performance: synchronous performance test and asynchronous performance test.

    For details about how to port and deploy Tengine, see Tengine Porting Guide. For details about how to install and use httpress, see httpress Test Guide.

    1. Test the synchronization performance.

      Disable the asynchronous mode for Tengine and test the HTTPS short connection performance (use the httpress tool to test Tengine).

    2. Test the asynchronous performance.

      Enable the asynchronous mode for Tengine and test the HTTPS short connection performance (use the httpress tool to test Tengine).

    3. Check the KAE resource queue value (256 by default). If the value decreases, the KAE library has taken effect. 
      cat /sys/class/uacce/hisi_hpre-*/attrs/available_instances
Or
watch -d cat /sys/class/uacce/hisi_hpre-*/attrs/available_instances
Parent topic: Feature Guide