aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/dev
diff options
context:
space:
mode:
authorLijian Zhang <Lijian.Zhang@arm.com>2023-11-01 07:17:31 +0000
committerFan Zhang <fanzhang.oss@gmail.com>2024-02-19 15:37:19 +0000
commit97c9f5e7c714237147c6311bcfbc68d42e14703d (patch)
tree3a179050490e3d1db7289fe652b6a3180f993fea /src/vnet/dev
parent6f8252e83c17efa859cf937683b1caf723c439f2 (diff)
crypto-openssl: refactor openssl API usage
For the openssl crypto engine based cipher encrypt/decrypt and HMAC IPSec use cases, the openssl API calls of doing ctx init and key expansion are moved to initialization stage. In current implementation , the ctx is initialized with "key" and "iv" in EVP_EncryptInit_ex (ctx, 0, 0, key->data, op->iv) in data plane, while the ctx can be initialized with 'key' and 'iv' separately, which means there could be two API calls: 1. EVP_EncryptInit_ex (ctx, 0, 0, key->data, 0) 2. EVP_EncryptInit_ex (ctx, 0, 0, 0, op->iv) As the 'key' for certain IPSec SA is fixed and known, so call #1 can be placed in IPSec SA initialization stage. While call #2 should be kept in data plane for each packet, as the "iv" is random for each packet. Type: feature Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com> Change-Id: Ided4462c1d4a38addc3078b03d618209e040a07a
Diffstat (limited to 'src/vnet/dev')
0 files changed, 0 insertions, 0 deletions