Hi Fiona,
Thank you for the reply. I have a crypto device that is connected to PCI. It can do standard crypto operations like AES, DES, and so on. I have openssl engine (a plugin) for this. Our environment is We have DPDK application for routing, forwarding, IPSec etc. (All routing and tunnelling) We also have IoT application which would like to use the Openssl for doing some crypto operations. My intention is 1. To use the existing openssl infrastructure (without writing the crypto PMD) to use the hardware acclearation. 2. Share the same device not only for doing the IPsec but also for doing crypto operations outside the DPDK EAL. Yes the OpenSSL will have extra layer and do a copy of buffer, but the crypto operations will still happen in the driver. Let me know if i make sense. Srivathsan ________________________________ From: Trahe, Fiona <fiona.tr...@intel.com> Sent: Wednesday, April 26, 2017 9:52 PM To: Aravamudan Srivathsan; dev@dpdk.org Cc: Trahe, Fiona; Doherty, Declan Subject: RE: OpenSSL Cryptodev PMD and openssl engine ** WARNING: This mail is from an external source ** Hi Srivathsan, > -----Original Message----- > From: dev [mailto:dev-boun...@dpdk.org] On Behalf Of Aravamudan > Srivathsan > Sent: Wednesday, April 26, 2017 8:49 AM > To: dev@dpdk.org > Subject: [dpdk-dev] OpenSSL Cryptodev PMD and openssl engine > > Hi All, > > We have a openssl engine available. Is it possible to use the openssl Crypto > PMD to do the hardware offloading? I am trying to see if i can avoid writing > the cryptopmd also to reuse the use of the device shared between the DPDK > and other process. > > Thank you > Srivathsan It might be possible to plug your openssl engine in below the openssl PMD, but you would lose the advantage of offloading bursts to the hardware and would add an extra translation layer on the data path so it would likely not be a performant solution. Can you clarify a little how you want to share the device? i.e. is the other process using the device directly with openssl and is the DPDK process for IPSec or is this also for ssl?
