[strongSwan-dev] ECDH offload via OpenSSL plugin

Mahantesh Salimath mahantesh at nvidia.com
Mon Nov 30 23:42:33 CET 2020


I'm new to strongswan community.
I'm a software engineer at a USA based firm.

I'm working on ECDH offload to hardware via openssl plugin in strongswan.
One way openssl allows hardware offload is using dynamic engine feature.
For ECDH specifically, openssl allows this offload by exposing ways
to override ECDH_compute_key() method.
In strongswan I see that this method is not used because it only returns
x-coordinate of the ECC point multiplication. However, as per the default
setting, only x-coordinate is required.

I looked at the issue tracker to see if this is reported. But, didn't find any.

I have tried to address the issue and I have opened a pull request #186 on github
after going through  contribution guidelines.

Please let me know your opinion/feedback.

Best Regards,
Mahantesh Salimath

More information about the Dev mailing list