Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to test the chained cipher AES-256-CBC-HMAC-SHA256 #67

Open
foxriver1025 opened this issue Jul 25, 2023 · 1 comment
Open

How to test the chained cipher AES-256-CBC-HMAC-SHA256 #67

foxriver1025 opened this issue Jul 25, 2023 · 1 comment

Comments

@foxriver1025
Copy link

Please tell me which ssl_ciphers will use the chained cipher AES-256-CBC-HMAC-SHA256 , thanks.
@Yogaraj-Alamenda
Copy link
Contributor

Yogaraj-Alamenda commented Jan 25, 2024
edited
Loading

@foxriver1025 Apologies for the late reply . AES256-SHA256 is the cipher to check
Please note that, QAT Engine doesn't support ENCRYPT_THEN_MAC(default) mode of operation meaning when Encrypt then MAC is negotiated for symmetric ciphers say AES-CBC, the requests will not get offloaded via QAT_HW, instead uses OpenSSL SW. Disable ENCRYPT_THEN_MAC with the flag SSL_OP_NO_ENCRYPT_THEN_MAC programmatically using SSL_CTX_set_options() to offload symmetric chained ciphers via QAT_HW. Please note disabling ENCRYPT_THEN_MAC has security implications.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Yogaraj-Alamenda @foxriver1025