It gave us a better performance of RSA operations. (2~11 times)
The old modexp implementation (Z = X ^ Y mod M) loaded all the data into
the hw registers and was waiting for completion, but due to
the hardware RSA implementation, the calculations always started with 4096 bit,
which took a lot of time.
Measurement results (measurements were made for keys: 2048, 3072 and 4096 bits)
(Old) - Sliding-window exponentiation (HAC 14.85):
keysize = 2048 bits
RSA key operation (performance): public [93206 us], private [280189 us]
keysize = 3072 bits
RSA key operation (performance): public [293614 us], private [858157 us]
keysize = 4096 bits
RSA key operation (performance): public [653192 us], private [1912126 us]
Instead (Old) - Sliding-window exponentiation (HAC 14.85) was implemented
(New) - Montgomery exponentiation (HAC 14.94) which showed
better performance on private and public keys.
keysize = 2048 bits
RSA key operation (performance): public [14504 us], private [149456 us]
keysize = 3072 bits
RSA key operation (performance): public [35073 us], private [392743 us]
keysize = 4096 bits
RSA key operation (performance): public [58650 us], private [787186 us]
For this reason, the old implementation was removed
and the MBEDTLS_HARDWARE_MPI option was turned on by default.
Why the MPI_INTERRUPT option is removed:
the old implementation used calculations on the hardware and
it took a lot of time (10ms - 500ms). And in order not to stand idle
while waiting for completion, an interrupt option was added.
This made it possible to carry out other tasks during the calculation,
and this one to block. The new method is free from such a drawback and
the maximum duration of one RSA HW operation does not exceed 70us (usually 2-70 μs).
This option is no longer needed.
Closes: IDF-965
Use rev-parse to get the HEAD directory instead of manually looking for
it. This method works in the main repository, worktrees and submodules.
Closes https://github.com/espressif/esp-idf/issues/4136
The workaround for PSRAM that will occupy an SPI bus is enabled only when:
1. used on 32MBit ver 0 PSRAM.
2. work at 80MHz.
The test used to only check 32MBit by the config option, but for PSRAM
on Wrover-B module seems to use a newer version of 32MBit PSRAM. So it
expects the workaround to be enabled, but actually not.
This commit split the unit test into two parts:
1. check all SPI buses are available, for all configs except psram_hspi
and psram_vspi, run on regular runners (including Wrover and Wrover-B).
a hidden option is enabled so that the compiler knows it's not building
psram_hspi or psram_vspi.
2. check the specified bus are acquired, for config psram_hspi and
psram_vspi. This only run on special runner (legacy Wrover module).
On macOS, rsync --exclude option accepts absolute paths as well as
relative ones. On Linux, it doesn't, which results in endless recursive
copying of test_build_system directory.