Page MenuHomeFreeBSD

ossl: Add support for the ChaCha20 + Poly1305 AEAD cipher from RFC 8439

Authored by jhb on Feb 17 2021, 10:32 PM.

Diff Detail

rG FreeBSD src repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

jhb requested review of this revision.Feb 17 2021, 10:32 PM
This revision was not accepted when it landed; it landed in state Needs Review.Mar 3 2021, 11:21 PM
This revision was automatically updated to reflect the committed changes.
se added a subscriber: se.

The commit of this change caused my kernel builds to fail at the final link stage due to duplicate symbols in openssl and opencrypto:

Building /usr/obj/usr/git/src/amd64.amd64/sys/SE/kernel.full
--- kernel.full ---
linking kernel.full
ld: error: duplicate symbol: Poly1305_Final
>>> defined at ossl_poly1305.c:123 (/usr/git/src/sys/crypto/openssl/ossl_poly1305.c:123)
>>>            ossl_poly1305.o:(Poly1305_Final)
>>> defined at xform_poly1305.c:66 (/usr/git/src/sys/opencrypto/xform_poly1305.c:66)
>>>            xform_poly1305.o:(.text+0x90)

ld: error: duplicate symbol: Poly1305_Init
>>> defined at ossl_poly1305.c:50 (/usr/git/src/sys/crypto/openssl/ossl_poly1305.c:50)
>>>            ossl_poly1305.o:(Poly1305_Init)
>>> defined at xform_poly1305.c:21 (/usr/git/src/sys/opencrypto/xform_poly1305.c:21)
>>>            xform_poly1305.o:(.text+0x0)

ld: error: duplicate symbol: Poly1305_Update
>>> defined at ossl_poly1305.c:81 (/usr/git/src/sys/crypto/openssl/ossl_poly1305.c:81)
>>>            ossl_poly1305.o:(Poly1305_Update)
>>> defined at xform_poly1305.c:48 (/usr/git/src/sys/opencrypto/xform_poly1305.c:48)
>>>            xform_poly1305.o:(.text+0x60)
*** [kernel.full] Error code 1

I'll rebuild with a clean /usr/obj (instead of META_MODE), but if that succeeds there still might be an issue with dependencies that lead to META_MODE failing to work.

Hmm, ok, I'll have to rename the ones in xform_poly1305.c then since that's all local code and easier to change whereas ossl is copied from OpenSSL and I'd like to minimize diffs there. I probably won't be able to get to it until tomorrow though.