From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.tuxdriver.com (charlotte.tuxdriver.com [70.61.120.58]) by dpdk.org (Postfix) with ESMTP id 460AC5A35 for ; Thu, 2 Apr 2015 13:30:51 +0200 (CEST) Received: from hmsreliant.think-freely.org ([2001:470:8:a08:7aac:c0ff:fec2:933b] helo=localhost) by smtp.tuxdriver.com with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.63) (envelope-from ) id 1YddKe-0007R1-Vv; Thu, 02 Apr 2015 07:30:49 -0400 Date: Thu, 2 Apr 2015 07:30:43 -0400 From: Neil Horman To: Deep Debroy Message-ID: <20150402113043.GA26735@hmsreliant.think-freely.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-Spam-Score: -2.9 (--) X-Spam-Status: No Cc: dev@dpdk.org Subject: Re: [dpdk-dev] library choices for AES CBC/GCM on dpdk app datapath X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Apr 2015 11:30:51 -0000 On Wed, Apr 01, 2015 at 03:54:27PM -0700, Deep Debroy wrote: > Hi, I was wondering if anyone has pointers for a crypto library > implementing AES CBC and GCM that I can use for encrypting network packets > in a DPDK app's datapath. > > The app is supposed to run in a VM in the cloud. So access to crypto > acceleration hardware (besides Intel AES NI/pmuludq) may not be present. > > Does it make sense to look into OpenSSL and invoking it's APIs from a DPDK > app? > > Thanks! > The openssl libcrypto library provides most of the above I think. You can also just use the AF_ALG protocol to leverage the kernels crypto resources. Neil