Page MenuHomeFreeBSD

Add Chacha20-Poly1305 support in the OCF backend for KTLS.
ClosedPublic

Authored by jhb on Dec 30 2020, 12:54 AM.

Details

Summary

This supports Chacha20-Poly1305 for both send and receive for TLS 1.2
and for send in TLS 1.3.

Test Plan

Tested via openssl s_server with KTLS in a VM against a host running software openssl s_client with chacha20 ciphers.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 35783
Build 32672: arc lint + arc unit

Event Timeline

jhb requested review of this revision.Dec 30 2020, 12:54 AM
jhb added a reviewer: gallatin.

Maybe add a comment for the else cases saying that they are chacha?

sys/opencrypto/ktls_ocf.c
359–366

Maybe a switch, or at least a comment for the else cases that they are chacha?

This revision is now accepted and ready to land.Feb 17 2021, 11:54 PM
jhb marked an inline comment as done.Feb 18 2021, 5:29 PM
jhb added inline comments.
sys/opencrypto/ktls_ocf.c
359–366

I'll add a comment about Chacha using the TLS 1.3 IV construction in TLS 1.2.

This revision was automatically updated to reflect the committed changes.
jhb marked an inline comment as done.