diff options
author | Alexandru Badicioiu <alexandru.badicioiu@linaro.org> | 2015-12-15 14:01:19 +0200 |
---|---|---|
committer | Maxim Uvarov <maxim.uvarov@linaro.org> | 2015-12-17 11:38:25 +0300 |
commit | 07971b739edf562807e3e73276b2be7e6bdba070 (patch) | |
tree | a4099a8a082973dfebe1f854f0689860f9ace214 /doc | |
parent | c043f5a07d6c9338f564359b7726dbcf7612c569 (diff) |
doc/users-guide: add cryptographic services section
Signed-off-by: Alexandru Badicioiu <alexandru.badicioiu@linaro.org>
Reviewed-by: Bill Fischofer <bill.fischofer@linaro.org>
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/users-guide/users-guide.adoc | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/doc/users-guide/users-guide.adoc b/doc/users-guide/users-guide.adoc index 2e30f3a74..7ec795746 100644 --- a/doc/users-guide/users-guide.adoc +++ b/doc/users-guide/users-guide.adoc @@ -738,6 +738,27 @@ NOTE: Both ordered and parallel queues improve throughput over atomic queues due to parallel event processing, but require that the application take steps to ensure context data synchronization if needed. +=== Cryptographic services + +ODP provides support for cryptographic operations required by various security +protocols (e.g. IPSec). To apply a cryptographic operation to a packet a session +must be created first. Packets processed by a session share the same cryptographic +parameters like algorithms, keys, initialization vectors. A session is created with +odp_crypto_session_create() call. After session creation a cryptographic operation +can be applied to a packet using odp_crypto_operation() call. +Depending on the session type - synchronous or asynchronous the operation returns +when the operation completed or after the request has been submitted. In the +asynchronous case an operation completion event will be enqueued on the session +completion queue. The completion event conveys the status of the operation and +the result. The application has the responsibility to free the completion event. +The operation arguments specify for each packet the areas which are to be encrypted +or decrypted and authenticated. Also, in asynchronous case a context can be +associated with a given operation and when the operation completion event is +retrieved the associated context can be retrieved. An operation can be executed +in-place, when the output packet is the same as the input packet or the output +packet can be a new packet provided by the application or allocated by the +implementation from the session output pool. + == Glossary [glossary] worker thread:: |