Hi Bala, >> Is DPDK has any supported API's do to the SSL handshake Yes. Of course DPDK by itself will not be able to process full TLS handshake, but some of the necessary parts are there.
* For key exchange one can use: RTE_CRYPTO_ASYM_XFORM_DH RTE_CRYPTO_ASYM_XFORM_ECDH RTE_CRYPTO_ASYM_XFORM_ECPM RTE_CRYPTO_ASYM_XFORM_ECFPM Of course there is the RSA, but not supported for KE since TLS1.3. * For digital signatures: RTE_CRYPTO_ASYM_XFORM_ECDSA RTE_CRYPTO_ASYM_XFORM_RSA >> store the session key which can be used to decrypt or encrypt the packets This will be done by the driver in private session data, as this is the session key. >> Is ECDH is supported in opnessl PMD. Currently unfortunately it is not. Thanks, Arek From: Balakrishnan K <[email protected]> Sent: Tuesday, December 20, 2022 7:47 AM To: Kusztal, ArkadiuszX <[email protected]> Cc: [email protected] Subject: Queries on OPENSSL PMD Hi Arik, In openssl PMD I could see the API's for encrypt and decrypt which is accept the key and iv and do the specified operation. I have few queries on how to get those keys suppose if, we are creating SSL/TLS session . Is DPDK has any supported API's do to the SSL handshake and store the session key which can be used to decrypt or encrypt the packets. Is ECDH is supported in opnessl PMD. Regards, Bala
