[openssl-dev] OpenSSL patches and enhancements from Akamai
Salz, Rich
rsalz at akamai.com
Sat Feb 14 16:17:17 UTC 2015
> > * Add task for decryption of client key exchange response
> > * Add task for generating client certificate verify message
> > * Add task for signing of server key exchange message
>
> Can you explain this a little more?
I can. I mentioned this on the -team mailing list. The idea is that an application can register callbacks so that CPU-intensive intructions, RSA and ECC ops for now, can get spun off into a separate thread. The top-level SSL_accept/connect return a new error code "not ready yet" and then can poll or wait for the background processor to tell the main thread it's ready, etc.
Again referring to internal knowledge, this might be moot. But it might be a quick win for some of downstream distro's ...
More information about the openssl-dev
mailing list