Hi,

The socket file descriptor is unique during the entire connection time. You could save the data using the fd as key to a hashtable entry.
Regards

On Thursday, 13 Dec 2018, 05:16, ASHIQUE CK <ckashique...@gmail.com> wrote:

> 4. f-stack nginx server 1.11.10
>
> On Thu, Dec 13, 2018 at 9:00 AM ASHIQUE CK <ckashique...@gmail.com> wrote:
>
>> Hi,
>> 1. The engine that we wrote is by the reference of qat, is just an
>> interface which receives the openssl parameters of AES and RSA and offloads
>> them to an FPGA hardware accelerator.
>> 2.
>> 3. Openssl 1.1.0 h
>> 4. Uses f-stack nginx 1.10.1
>> 5. We ran an nginx server which has a 1 Gb file in its root directory. Then
>> connected 3 clients to this server. These clients wait after the handshake is
>> done. After I ran the 3rd client, I gave a GET request through the 1st client to
>> download that 1 Gb file. But it showed the error message, "decryption failed or
>> bad record mac". When I debugged using gdb, I understood that Tag
>> verification is failing. But the matter is, I am storing the Key and
>> IV at the time of handshake itself, to a buffer in my engine. When an
>> SSLRead or SSLWrite occurs, I will copy the saved Key and IV to fill the
>> respective descriptors.
>> But, in this case what happens is, if there is a 3rd client handshake
>> occurred, its key and iv are stored in a buffer. And when I give a Sslwrite in
>> the 1st client, it used the last saved key and iv, but it is actually the key
>> and iv of the 3rd client. But I can download the file if I give the GET request
>> through the last handshaked client.
>> So what I can do is, save the key and iv of different clients in
>> different buffers. If the SSLread/write from any client comes, then just
>> offload the key and iv from the respective buffer. But for that, I need a
>> unique id for each client, which must be the same for a client in the
>> entire connection.
>> How can I get the unique id? Beyond the parameters *in, *out, inl (in
>> the case of plaintext/cipher text offloading) and *ptr, *type, *arg (in
>> the case of header/aad offload) only what I have is ctx. With this ctx, can
>> I get a unique id or is there any way to solve this problem?
>> 6. Didn't try with Apache server.
>>
>> Thanks
>>
>> On Thu 13 Dec, 2018, 1:30 AM Michael Richardson <m...@sandelman.ca> wrote:
>>
>>>
>>> ASHIQUE CK <ckashique...@gmail.com> wrote:
>>> > We are using a Crypto Accelerator Engine to offload AESGCM and RSA
>>> > parameters. Trying to connect multiple clients simultaneously with a
>>> > single Nginx server, which is using this accelerator. The Key and IV
>>>
>>> You probably need to tell us:
>>>
>>> 1) which engine? did you write this engine?
>>> 2) whose driver?
>>> 3) what version of openssl?
>>> 4) what version of nginx?
>>> 5) how did you observe the problem you described?
>>> 6) is it different for, for instance, apache? or some other server
>>> software?
>>>
>>> > is passing only at handshake, and after handshake this set of key and
>>> > IV is using for all encryption and decryption. So at Engine side, we
>>> > are storing this Key and IV to a buffer and while
>>> > encrypting/decrypting, this Key and IV is used from this buffer. But,
>>> > while multiple client connects, the last saved Key/IV is getting for
>>> > all clients.
>>> > So, is there any way to get a unique ID for each client connection?
>>> >
>>> --
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>>
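The per-connection lookup suggested in the reply, as an added example that is not part of the original thread or the poster's engine: the single shared buffer described in the question beside a table keyed by socket fd. The function names, key and IV sizes, table size and fd values are assumptions; entries are wiped on close because an fd number is only unique while its connection is open.

```c
#include <stdio.h>
#include <string.h>
#define KEY_LEN 32   /* assumed AES-256-GCM key size */
#define IV_LEN  12   /* assumed GCM IV size */
#define SLOTS   64   /* assumed upper bound on concurrent connections */

struct conn_keys { int fd, used; unsigned char key[KEY_LEN], iv[IV_LEN]; };

static struct conn_keys last_saved;    /* the bug: one buffer shared by all clients */
static struct conn_keys table[SLOTS];  /* the fix: one entry per connection */

/* Probe from fd's home slot; return fd's entry, else a free slot if want_free. */
static struct conn_keys *slot_for(int fd, int want_free) {
    struct conn_keys *free_slot = NULL;
    for (unsigned i = 0; i < SLOTS; i++) {
        struct conn_keys *s = &table[((unsigned)fd + i) % SLOTS];
        if (s->used && s->fd == fd) return s;
        if (!s->used && !free_slot) free_slot = s;
    }
    return want_free ? free_slot : NULL;
}

/* Handshake: the engine is handed this connection's key and IV. */
int on_handshake(int fd, const unsigned char *key, const unsigned char *iv) {
    struct conn_keys *s = slot_for(fd, 1);
    if (!s) return -1;                 /* table full: fail, never reuse a key */
    s->fd = fd; s->used = 1;
    memcpy(s->key, key, KEY_LEN); memcpy(s->iv, iv, IV_LEN);
    last_saved = *s;                   /* what the single-buffer engine keeps */
    return 0;
}

/* Record read/write: fetch the key of the connection doing the I/O. */
const unsigned char *key_for(int fd) { struct conn_keys *s = slot_for(fd, 0); return s ? s->key : NULL; }
const unsigned char *key_single_buffer(void) { return last_saved.key; }

/* Close: wipe the entry, because the OS gives the same fd number to a later socket. */
void on_close(int fd) { struct conn_keys *s = slot_for(fd, 0); if (s) memset(s, 0, sizeof *s); }

int main(void) {
    unsigned char key[KEY_LEN], iv[IV_LEN] = {0};
    for (int c = 0; c < 3; c++) {      /* constructed clients on fds 10, 11, 12 */
        memset(key, 'A' + c, KEY_LEN);
        on_handshake(10 + c, key, iv);
    }
    printf("write on fd 10: single buffer -> key %c, per-fd table -> key %c\n",
           key_single_buffer()[0], key_for(10)[0]);
    return 0;
}
```

Inside an OpenSSL engine the wipe in `on_close` would use `OPENSSL_cleanse` rather than `memset`.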