WOLFSSL / WOLFCRYPT ASYNC WITH INTEL QUICKASSIST
The wolfSSL / wolfCrypt libraries support asynchronous (non-blocking) crypto using hardware acceleration with the Intel QuickAssist adapter, which is a low-profile PCIe x8 (Gen 3) card that accelerates crypto operations. This allows greatly increased performance on server platforms requiring high connection rates and throughput.
Performance Benchmarks
Asynchronous Features
wolfSSL:
- Client and Server (SSL/TLS)
- Public Key infrastructure – Handshake / PKI (RSA, ECC, DH)
- Encryption/ Decryption
- Hashing / HMAC
- Certificate Signing and Verification
wolfCrypt:
- PKI: RSA public/private (CRT/non-CRT), ECDSA/ECDH, DH
- Cipher: AES CBC/GCM, DES3
- Digest: MD5, SHA, SHA224, SHA256, SHA384, SHA512 and HMAC.
- Hardware simulator for testing/evaluation
- DRBG and NRBG
Design:
The implementation is similar to epoll, which ensures that no function call will block. If a call would block waiting on hardware then `WC_PENDING_E` is returned and the hardware must be polled. For wolfSSL polling is done with either `wolfSSL_CTX_AsyncPoll` or `wolfSSL_AsyncPoll`. For wolfCrypt polling is done with `wolfAsync_EventQueuePoll` or `wolfAsync_EventPoll`.
Learn More
Intel QuickAssist DH8950 Product Brief
Blog: Intel Quick Assist and wolfSSL
Blog: wolfSSL Asynchronous Intel QuickAssist Support
Did you know that wolfSSL also supports TLS 1.3? Learn more here!
Support and Evaluation
For more information on the wolfSSL asynchronous features and using wolfSSL with Intel QuickAssist, please contact us at facts@wolfssl.com.