hi
I'm using the latest version of openssl to enable ktls recv, but failed. Then I analyze the code, found the sequence of handshake and key agreement process for ktls recv is different from kernel.
In openssl:
1)client->server: client hello
2)server->client: server hello, certificate, server key exchange, server hello done
3)client->server: client key exchange, change chiper spec, encrypted handshake message
4)server->client: change chiper spec, encrypted handshake message
Then openssl will set ktls recv in 3)change chiper spec, then handshake, but in kernel client will handshake with server firstly, then client and server set their chiper spec.
So I want to know the sequence is as I say, then any changes will happen on the sequence? Or how coud ktls recv could work under original code.
Best Regards,
Junhao
hi I'm using the latest version of openssl to enable ktls recv, but failed. Then I analyze the code, found the sequence of handshake and key agreement process for ktls recv is different from kernel. In openssl: 1)client->server: client hello 2)server->client: server hello, certificate, server key exchange, server hello done 3)client->server: client key exchange, change chiper spec, encrypted handshake message 4)server->client: change chiper spec, encrypted handshake message Then openssl will set ktls recv in 3)change chiper spec, then handshake, but in kernel client will handshake with server firstly, then client and server set their chiper spec. So I want to know the sequence is as I say, then any changes will happen on the sequence? Or how coud ktls recv could work under original code. Best Regards, Junhao