search

OP-TEE / optee_os

Trusted side of the TEE
Other
1.59k stars 1.07k forks source link

RSA key generation takes minutes #6959

Closed fhsuman closed 3 months ago

fhsuman commented 3 months ago

Generating 4096 bit RSA key using openssl took 5 seconds on our ARM Cortex55 CPU

time openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:4096

real 0m 5.04s user 0m 5.04s sys 0m 0.00s

Same key generation using OPTEE took more than 103 seconds using below code

TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, 4096, &key); TEE_GenerateKey(key, 4096, NULL, 0);

time teec_test

D/TA: TA_OpenSessionEntryPoint: Invoking TA M/TA: Requesting RSA KEY Generation real 1m 43.75s user 0m 0.00s sys 1m 43.73s

OPTEE is using the same DDR memory that is used by Linux.

Any insight, why OPTEE is taking so much time to generate RSA key

fhsuman commented 3 months ago

Find out the root cause. It seems our HW RNG is bit slower.