[openssl-dev] [RFC 0/4] Kernel TLS socket API

Hannes Frederic Sowa hannes at stressinduktion.org
Thu Jun 8 08:43:15 UTC 2017


Hello,

On Thu, Jun 8, 2017, at 00:05, Kurt Roeckx wrote:
> On Wed, Jun 07, 2017 at 03:35:45PM +0300, Boris Pismenny wrote:
> > Hello all,
> > 
> > I would like to introduce you to the new kernel API for TLS transmit-side
> > data-path, and open a discussion regarding its support in OpenSSL.
> 
> So my understanding is that there are really 2 parts in the kernel
> that change:
> - The kernel is aware of TLS and can do the symmetric encryption
> - The kernel can offload the symmetric encryption to the NIC
> 
> And I guess you're mostly interested in the combination of the two
> where you would end up with the unencrypted data going to the NIC
> and that you might get speeds close to what you can do
> unencrypted. The performance gains would come from avoiding making
> copies and not doing the encryption on the CPU.
> 
> My understanding from the old data is that moving the encryption
> to the kernel had a negative performance impact. So this at least
> looks like something we do not always want to enable. It might be
> useful to have an API where we can check that the offload is
> supported, or that we have an option to enable moving it to the
> kernel.

We have discussed this in the past on netdev at vger.kernel.org, but I just
want to point out here again that renewing the symmetric crypto keys is
not supported in the kernel part (for the time being).

So in case the application depends on renegotiation (TLS1.2, which is
the only version supported right now by the kernel AFAIK) as well as key
updates in TLS1.3, it won't work.

Because this feature is not transparent yet, I think it definitely needs
a switch for applications to control it.

Bye,
Hannes
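As an added example (not code from this thread, from OpenSSL or from the kernel patches), here is what the application-side switch Hannes asks for can look like in C on Linux 4.13 or later: the kTLS transmit path is attached only when the caller opts in, a kernel that lacks the "tls" ULP falls back to user-space encryption, and a caller that may still renegotiate or update keys is expected to keep the switch off. The constants and struct layout mirror linux/tls.h; the ktls_* names and the self-check helper are mine.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
/* From linux/tcp.h, linux/socket.h, linux/tls.h (Linux 4.13+); local copies so it builds anywhere. */
#ifndef TCP_ULP
#define TCP_ULP 31
#endif
#ifndef SOL_TLS
#define SOL_TLS 282
#endif
#define KTLS_TX 1                   /* TLS_TX */
#define KTLS_1_2_VERSION 0x0303     /* TLS_1_2_VERSION */
#define KTLS_CIPHER_AES_GCM_128 51  /* TLS_CIPHER_AES_GCM_128 */
struct ktls_aes_gcm_128 {           /* same layout as struct tls12_crypto_info_aes_gcm_128 */
    uint16_t version, cipher_type;
    unsigned char iv[8], key[16], salt[4], rec_seq[8];
};
enum { KTLS_ERROR = -1, KTLS_USERSPACE = 0, KTLS_KERNEL = 1 };
/* Hand the TLS 1.2 AES-128-GCM write state to the kernel, but only if the application's
 * switch "allow" is set: kTLS cannot follow a renegotiation or key update, so a caller
 * that may rekey must leave it off.  KTLS_USERSPACE means "keep encrypting yourself"
 * (switch off, or kernel without the "tls" ULP); KTLS_ERROR is any other failure. */
int ktls_tx_enable(int fd, int allow, const unsigned char key[16],
                   const unsigned char salt[4], const unsigned char iv[8], uint64_t seq)
{
    struct ktls_aes_gcm_128 ci = { .version = KTLS_1_2_VERSION,
                                   .cipher_type = KTLS_CIPHER_AES_GCM_128 };
    if (!allow) return KTLS_USERSPACE;
    if (setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")) < 0)
        return (errno == ENOENT || errno == ENOPROTOOPT) ? KTLS_USERSPACE : KTLS_ERROR;
    memcpy(ci.key, key, 16); memcpy(ci.salt, salt, 4); memcpy(ci.iv, iv, 8);
    for (int i = 7; i >= 0; i--, seq >>= 8)     /* record sequence number is big-endian */
        ci.rec_seq[i] = (unsigned char)(seq & 0xff);
    return setsockopt(fd, SOL_TLS, KTLS_TX, &ci, sizeof(ci)) < 0 ? KTLS_ERROR : KTLS_KERNEL;
}
/* Offline self-check on a pipe: switch off never touches the fd; a non-socket fd is an error. */
int ktls_selfcheck(void)
{
    static const unsigned char z[16] = { 0 };
    int p[2], off, on;
    if (pipe(p) < 0) return -1;
    off = ktls_tx_enable(p[1], 0, z, z, z, 0);
    on  = ktls_tx_enable(p[1], 1, z, z, z, 0);
    close(p[0]); close(p[1]);
    return (off == KTLS_USERSPACE && on == KTLS_ERROR) ? 0 : -1;
}
```

On a real connected TCP socket the call must come after the handshake has finished, with the current write key, salt, explicit IV and the next record sequence number; after it returns KTLS_KERNEL, plain write() data leaves the socket as TLS records.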