Page MenuHomeFreeBSD

Add Chacha20-Poly1305 support in the OCF backend for KTLS.
ClosedPublic

Authored by jhb on Dec 30 2020, 12:54 AM.

Details

Summary

This supports Chacha20-Poly1305 for both send and receive for TLS 1.2
and for send in TLS 1.3.

Test Plan

Tested via openssl s_server with KTLS in a VM against a host running software openssl s_client with chacha20 ciphers.

Diff Detail

Repository
R10 FreeBSD src repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

jhb requested review of this revision.Dec 30 2020, 12:54 AM
jhb added a reviewer: gallatin.

Maybe add a comment for the else cases saying that they are chacha?

sys/opencrypto/ktls_ocf.c
370–382

Maybe a switch, or at least a comment for the else cases that they are chacha?

This revision is now accepted and ready to land.Feb 17 2021, 11:54 PM
jhb marked an inline comment as done.Feb 18 2021, 5:29 PM
jhb added inline comments.
sys/opencrypto/ktls_ocf.c
370–382

I'll add a comment about Chacha using the TLS 1.3 IV construction in TLS 1.2.

This revision was automatically updated to reflect the committed changes.
jhb marked an inline comment as done.