HomeFreeBSD
Diffusion FreeBSD src repository 42dcd39528c6

crypto: Support Chacha20-Poly1305 with a nonce size of 8 bytes.
42dcd39528c6
Actions

Description

crypto: Support Chacha20-Poly1305 with a nonce size of 8 bytes.

This is useful for WireGuard which uses a nonce of 8 bytes rather
than the 12 bytes used for IPsec and TLS.

Note that this also fixes a (should be) harmless bug in ossl(4) where
the counter was incorrectly treated as a 64-bit counter instead of a
32-bit counter in terms of wrapping when using a 12 byte nonce.
However, this required a single message (TLS record) longer than 64 *
(2^32 - 1) bytes (about 256 GB) to trigger.

Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32122

Details

Provenance
jhbAuthored on Oct 6 2021, 9:08 PM
Differential Revision
D32122: crypto: Support Chacha20-Poly1305 with a nonce size of 8 bytes.
Parents
rG668770dc7de2: crypto: Test all of the AES-CCM KAT vectors.
Branches
Unknown
Tags
Unknown

Changes (6)

PathSize
share/
man/
man7/
sys/
crypto/
openssl/
opencrypto/
tools/
tools/
crypto/

rG42dcd39528c6

View Options

share/man/man7/crypto.7

Loading...
View Options

sys/crypto/openssl/ossl_chacha20.c

Loading...
View Options

sys/opencrypto/crypto.c

Loading...
View Options

sys/opencrypto/cryptosoft.c

Loading...
View Options

sys/opencrypto/xform_chacha20_poly1305.c

Loading...
View Options

tools/tools/crypto/cryptocheck.c

Loading...