Re: EVP_PKEY_CTX* Best Practices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 02/10/2019 03:10, Christian Mazakas wrote:
> I'm relatively new to the world of OpenSSL.
> 
> I'm trying to write a QUIC stream class and for that, I need to use the
> EVP_PKEY_CTX and I'm not sure what's the optimal way of scoping instances of
> this context.
> 
> For example, should I have a CTX per Quic connection? Or rather one that's
> shared by many in a thread-safe manner? What's the cost of generating one per
> connection? Are there docs where I can read about this kind of stuff?

There are no hard and fast rules on this as much is going to depend on the
particular application. However EVP_PKEY_CTX creation is not particularly
expensive. As a point of reference libssl creates and destroys these on a
temporary basis per connection. Most likely the overhead of trying to share
these between multiple threads, and the locking that would therefore be
required, is not going to be worth it.

Matt




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux