Hw or Sw opimized ECDSA ?

[simo5]

Looking at this code it seems to me this function indicates that some cryptography function here is implemented via CPU provided optimized instructions (CPACF) not an external HW accelerator:

libica/src/s390_ecc.c

Line 1418 in cb98c51

static int ecdsa_sign_cpacf(const ICA_EC_KEY *priv, const unsigned char *hash,

If that is the case it seem here OpenSSL's ECDSA implemenation should be used, and support to utilize CPACF should be contributed to mainline OpenSSL so ECDSA is always as fast as possible.
Is there something preventing regular OpenSSL from using CPACF instructions directly when compiled on S390 ?

[p-steuer]

OpenSSL mainline (master) has all relevant CPACF support: ECDSA (P-256/384/521) keygen, sign, verify, EdDSA (ed25519,ed448) keygen, sign, verify, ECDH (P-256/384/521, X25519, X448), all of SHA-2 and SHA3/SHAKE, AES-GCM,CCM,CBC,XTS,ECB,CFB,OFB,CTR plus Vectorized Chacha20 and Poly1305.

That list basically sums up most of my OpenSSL contributions in the last years ..

The 1.1.1. backports should already be included in RHEL's OpenSSL package. I think i provided my branch for that purpose:
https://github.com/p-steuer/openssl/tree/ecc111

The following PR is an effort to get the backports merged to 1.1.1 : openssl/openssl#11188

[simo5]

@p-steuer does this mean this code can be dropped and turned into a wrapper around OpenSSL's ECDSA signing/verification code ?
Ideally using EVP_DIgestSign*() interface because ECDSA_do_sign()/ECDSA_do_verify() are deprecated and will eventually go away.