On 23/03/17 03:47, Kane Huang wrote: > Hi guys, > > I want to use "multiblock" introduced from 1.0.2 to improve performance > of ipsec packet process, which use aes_cbc_hmac_sha as main algorithm. > > I have try openssl speed test with ‘-mb’ and I observe that the test > code use big buffer size from 8192 to 131072, that show dramatic > performance improvement > > My questions are: > > 1) Can i get so much improvement when use multiblock on single > stream with small data ,like date with size 512 or 1024 bytes. Multiblock works by sending multiple TLS records to be encrypted in one go - either 4 or 8 records depending on how much data you send in one go. Basically it looks at the amount of data you passed to SSL_write() and sees how many records it needs to divide it up into (with a record being max_send_fragment bytes long; by default max_send_fragment is 16k although you can change that value). If there are at least 4 records worth of data then multiblock will be used (assuming the negotiated ciphersuite supports it). A stream of small records like you describe would not satisfy the above criteria, so multi-block would not kick in. > > 2) How to use the multiblock APIs? From speed.c , I saw some APIs > call like EVP_CIPHER_CTX_ctrl() with type > EVP_CTRL_TLS1_1_MULTIBLOCK_AAD and EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT, > is there any document regarding these? Unfortunately not, no. However it depends on what you are trying to achieve. If you just want to use the built-in ciphersuites that support this then you need to: 1) Make sure you are on a platform that supports it (IIRC AESNI support is required for these to work - Andy Polyakov can probably clarify) 2) Ensure TLS negotiates a multiblock capable ciphersuite 3) Ensure your application sends sufficient data in one go for multi-block to kick in If you satisfy all of the above then no API is required. It should just work. If, on the other hand, you want to implement a new cipher that supports multiblock then you will probably want to do it as an engine and use the implementations of e_aes_cbc_hmac_sha1.c and e_aes_cbc_hmac_sha256.c as a guide. Ciphers that implement multiblock need to be TLS "aware", in that they must output the appropriate record headers too. If you're going down this route then I'd like to point out the similar facility that we have in OpenSSL 1.1.0 known as pipelining: https://www.openssl.org/docs/man1.1.0/ssl/SSL_set_max_pipelines.html This gives you a bit more control over how the data is split up into records and the ciphers do not need to be TLS aware. Also both encryption and decryption is supported. However there are no built-in ciphersuites that use this as yet. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users