IT Management

Applications such as secure Web servers can use the SSL protocol to encrypt their network traffic. OpenSSL is the open source library and toolkit implementing the SSL v2/v3 protocol. It is available for many different operating systems, including Linux. Since OpenSSL 0.9.6, the library has been extended to interact with external cryptographic hardware. The interfaces for a specific hardware vendor are packaged in so-called engine modules. For example, the engine module ibmca contains a shared object for the IBM Cryptographic Accelerator (ICA). The ibmca engine requires the interface library libICA to communicate with the ICA. Usually, both packages are pre-installed or available as separate packages (openssl-ibmca and libica) in the current Linux on System z distributions. These two packages are required for any use of System z cryptographic hardware (CPACF and/or CEX2A) from OpenSSL.

Once a CEX2 feature is properly configured for your Logical Partition (LPAR) or z/VM guest, the Linux generic cryptographic device driver, zcrypt, must be loaded before the CEX2 hardware can be used. Figure 2 shows all involved software/hardware layers.
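As an added illustration (not code from the article), the following shell script writes the openssl.cnf stanza that loads the ibmca engine and checks an `openssl engine -c` listing for RSA support, which is the operation CEX2A offloads; the path of the engine shared object is an assumption and differs between distributions.

```shell
#!/bin/sh
# Added example (not from the article). Assumption: the ibmca engine object is
# at LIBIBMCA_SO; adjust for your distribution. The listing format parsed by
# ibmca_offers_rsa is the text printed by `openssl engine -c ibmca`.

LIBIBMCA_SO="${LIBIBMCA_SO:-/usr/lib64/openssl/engines/libibmca.so}"

# Print an openssl.cnf configuration that makes ibmca the default engine for
# every algorithm it implements (RSA to CEX2A, symmetric ciphers to CPACF).
# The first line belongs in the default (top) section of openssl.cnf; the
# named sections may be appended to the end of the file.
ibmca_cnf_fragment() {
    cat <<EOF
openssl_conf = openssl_def

[openssl_def]
engines = engine_section

[engine_section]
ibmca = ibmca_section

[ibmca_section]
dynamic_path = $LIBIBMCA_SO
engine_id = ibmca
default_algorithms = ALL
init = 1
EOF
}

# Read an `openssl engine -c` listing on stdin; succeed (exit 0) only if the
# ibmca engine is present and its capability line advertises RSA.
ibmca_offers_rsa() {
    awk '
        /^\(ibmca\)/ { seen = 1; next }
        seen         { if ($0 ~ /^ *\[.*RSA/) found = 1; seen = 0 }
        END          { exit found ? 0 : 1 }
    '
}

# Live checks to run on the LPAR itself (they need the hardware, so they are
# only listed here):
#   lsmod | grep -q zcrypt || echo "zcrypt driver not loaded"
#   openssl engine -c ibmca | ibmca_offers_rsa && echo "RSA handled by ibmca"
#   openssl speed -engine ibmca rsa2048   # compare sign/s with plain `openssl speed rsa2048`
```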



CEX2A supports public key operations in clear key mode only; these are the operations used during the SSL handshake, which is slow and CPU-intensive. Figure 3 shows the SSL handshake rates for a certain number of parallel connections. The workload used to measure SSL handshakes exchanges only a few bytes of data, so the data encryption part (symmetric cipher) can be ignored.


One CEX2A adapter can drive up to 3,300 new connections per second (i.e., SSL handshakes); this is the adapter limit, reached when more than 16 parallel SSL connections are used. By adding further CEX2A adapters, you can go beyond the limit of one adapter. For example, a second adapter doubles the number of possible handshakes. With no CEX2 feature, the maximum handshake rate is already reached at approximately 750 connections per second when using four logical processors. In this case, the four processors are the limiting factor. Based on this measurement environment, you can drive 4.4 times more connections per second with a single CEX2A adapter available.

Figure 4 displays the CPU load for 32 parallel SSL connections. The left bar is the CPU load for the measurement with no CEX2A adapter. All four processors are busy doing the RSA operations in software. So 94 percent of the processor load is the user time portion. The right bar shows the processor load for the same measurement with the CEX2A adapter available. Because the RSA operations are now offloaded to CEX2A, only two out of four processors are busy. The larger system time (kernel code running) is a result of using the generic crypto device driver, zcrypt. However, the total processor load is only 50 percent.


Generic Cryptographic Device Driver Polling Thread
