On 10/04/2019 10:32, valmiki wrote: > Hi All, > > I'm trying to understand server and client code over tcp using openssl. > > How does the flow work when we do SSL_write or SSL_read. > > SSL_write -> send buffer to kernel crypto subsystem -> take encrypted buffer and send it over network socket. > > Is the above understanding correct ? No, this isn't correct. All crypto is done in user space* using libcrypto. Matt * Actually there is a new option in master where the kernel does the TLS encryption/decryption - but it is not on by default, and if used the kernel does the IO too. > > If its correct we have following context switch from user to kernel space and vice versa > > -> open ssl libary to kernel crypto subsystem > > -> kernel crypto subsystem to ssl library > > -> ssl library to network subsystem > > Does this mean for sending a buffer we need to three context switches from user to kernel and vice versa ? > > Doesn't this effect performance ? > > Please correct me if my understanding is wrong. > > Regards, > valmiki > > > > > >
