mirror of
https://github.com/bytedance/g3.git
synced 2026-04-28 03:30:31 +00:00
15950ff31f
Some checks are pending
CodeCoverage / lib unit test (push) Waiting to run
CodeCoverage / g3proxy test (push) Waiting to run
CodeCoverage / g3bench test (push) Waiting to run
CodeCoverage / g3statsd test (push) Waiting to run
CrossCompiling / Build (push) Waiting to run
Linux-CI / Build (push) Waiting to run
Linux-CI / Clippy (push) Waiting to run
Linux-CI / Build vendored (push) Waiting to run
Linux-CI / Build with OpenSSL Async Job (push) Waiting to run
MacOS-CI / Build (push) Waiting to run
MacOS-CI / Build vendored (push) Waiting to run
StaticLinking / musl (push) Waiting to run
StaticLinking / msvc (push) Waiting to run
Windows-CI / Build (push) Waiting to run
Windows-CI / Build vendored (push) Waiting to run
2.7 KiB
2.7 KiB
Use Intel QAT Engine with g3keymess
Install build dependencies
apt install cmake libssl-dev autoconf libtool pkgconf nasm
Install crypto_mb
git clone https://github.com/intel/cryptography-primitives.git
cd cryptography-primitives/
git checkout v1.1.0 # checkout a released version
cd sources/ippcp/crypto_mb/
cmake -B build -DCMAKE_BUILD_TYPE=Release .
cd build/
make
make install
Install intel-ipsec-mb
git clone https://github.com/intel/intel-ipsec-mb.git
cd intel-ipsec-mb/
cmake -B build -DCMAKE_BUILD_TYPE=Release .
cd build/
make
make install
Install QAT Engine
OpenSSL Engine
Supported since OpenSSL 1.1.1. Deprecated with OpenSSL 3.0.
git clone https://github.com/intel/QAT_Engine.git
cd QAT_Engine/
git checkout v1.9.0 # checkout a released version
./autogen.sh
./configure --enable-qat_sw --disable-qat_hw # change to what you want
make
make install
Verify:
openssl speed -engine qatengine -elapsed -async_jobs 8 rsa2048
Example openssl.cnf (/etc/ssl/qat-engine.cnf):
openssl_conf = openssl_init
[openssl_init]
engines = engine_sect
[engine_sect]
qat = qat_sect
[qat_sect]
engine_id = qatengine
default_algorithms = ALL
OpenSSL Provider
Available since OpenSSL 3.0.
git clone https://github.com/intel/QAT_Engine.git
cd QAT_Engine/
git checkout v1.9.0 # checkout a released version
./autogen.sh
./configure --enable-qat_provider --enable-qat_sw --disable-qat_hw # change to what you want
make
make install
Verify:
openssl speed -provider qatprovider -elapsed -async_jobs 8 rsa2048
Example openssl.cnf (/etc/ssl/qat-provider.cnf):
openssl_conf = openssl_init
[openssl_init]
providers = provider_sect
[provider_sect]
default = default_sect
qat = qat_sect
[default_sect]
activate = 1
[qat_sect]
identity = qatprovider
activate = 1
Example g3keymess config
Assume that the config directory is /etc/g3keymess/test, and the openssl.cnf file path is /etc/ssl/qat.cnf
then you need to have
/etc/g3keymess/test/env contains
OPENSSL_CONF=/etc/ssl/qat.cnf
/etc/g3keymess/test/main.yaml can be written as:
-
without worker (single core)
server: - name: default listen: "[::]:1300" # enable multiplex mode to use openssl async job multiplex_queue_depth: 128 store: - name: local type: local dir: keys -
with worker (multiple cores)
worker: thread_number: 2 backend: async_job # use openssl async job as backend driver server: - name: default listen: "[::]:1300" # enable multiplex mode to use workers multiplex_queue_depth: 128 store: - name: local type: local dir: keys