On 10/04/2019 11:03, valmiki wrote:
>
>>> Hi All,
>>>
>>> I'm trying to understand server and client code over tcp using openssl.
>>>
>>> How does the flow work when we do SSL_write or SSL_read.
>>>
>>> SSL_write -> send buffer to kernel crypto subsystem -> take encrypted
>>> buffer and send it over network socket.
>>>
>>> Is the above understanding correct ?
>> No, this isn't correct. All crypto is done in user space* using libcrypto.
>>
>> Matt
>>
>> * Actually there is a new option in master where the kernel does the TLS
>> encryption/decryption - but it is not on by default, and if used the kernel
>> does
>> the IO too.
>>
>> Thanks Matt.
>> So only one context switch happens, which is sending buffer to networking
>> socket ?
Correct.
Matt
