From: "Kusztal, ArkadiuszX" <arkadiuszx.kusztal@intel.com>
To: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>
Cc: "users@dpdk.org" <users@dpdk.org>
Subject: RE: Queries on OPENSSL PMD
Date: Tue, 20 Dec 2022 19:53:05 +0000 [thread overview]
Message-ID: <PH0PR11MB50139974EE8C0B4C9AAA40B29FEA9@PH0PR11MB5013.namprd11.prod.outlook.com> (raw)
In-Reply-To: <PSAPR04MB5516479D23ACFD234F4804BBD6EA9@PSAPR04MB5516.apcprd04.prod.outlook.com>
[-- Attachment #1: Type: text/plain, Size: 1408 bytes --]
Hi Bala,
>> Is DPDK has any supported API's do to the SSL handshake
Yes.
Of course DPDK by itself will not be able to process full TLS handshake, but some of the necessary parts are there.
* For key exchange one can use:
RTE_CRYPTO_ASYM_XFORM_DH
RTE_CRYPTO_ASYM_XFORM_ECDH
RTE_CRYPTO_ASYM_XFORM_ECPM
RTE_CRYPTO_ASYM_XFORM_ECFPM
Of course there is the RSA, but not supported for KE since TLS1.3.
* For digital signatures:
RTE_CRYPTO_ASYM_XFORM_ECDSA
RTE_CRYPTO_ASYM_XFORM_RSA
>> store the session key which can be used to decrypt or encrypt the packets
This will be done by the driver in private session data, as this is the session key.
>> Is ECDH is supported in opnessl PMD.
Currently unfortunately it is not.
Thanks,
Arek
From: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>
Sent: Tuesday, December 20, 2022 7:47 AM
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
Cc: users@dpdk.org
Subject: Queries on OPENSSL PMD
Hi Arik,
In openssl PMD I could see the API's for encrypt and decrypt which is accept the key and iv and do the specified operation.
I have few queries on how to get those keys suppose if, we are creating SSL/TLS session .
Is DPDK has any supported API's do to the SSL handshake and store the session key which can be used to decrypt or encrypt the packets.
Is ECDH is supported in opnessl PMD.
Regards,
Bala
[-- Attachment #2: Type: text/html, Size: 10764 bytes --]
prev parent reply other threads:[~2022-12-20 19:53 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-20 6:46 Balakrishnan K
2022-12-20 19:53 ` Kusztal, ArkadiuszX [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH0PR11MB50139974EE8C0B4C9AAA40B29FEA9@PH0PR11MB5013.namprd11.prod.outlook.com \
--to=arkadiuszx.kusztal@intel.com \
--cc=Balakrishnan.K1@tatacommunications.com \
--cc=users@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).