On 10/04/2019 11:03, valmiki wrote: > >>> Hi All, >>> >>> I'm trying to understand server and client code over tcp using openssl. >>> >>> How does the flow work when we do SSL_write or SSL_read. >>> >>> SSL_write -> send buffer to kernel crypto subsystem -> take encrypted buffer and send it over network socket. >>> >>> Is the above understanding correct ? >> No, this isn't correct. All crypto is done in user space* using libcrypto. >> >> Matt >> >> * Actually there is a new option in master where the kernel does the TLS >> encryption/decryption - but it is not on by default, and if used the kernel does >> the IO too. >> >> Thanks Matt. >> So only one context switch happens, which is sending buffer to networking >> socket ? Correct. Matt
