Page MenuHomeFreeBSD

Add Chacha20-Poly1305 support in the OCF backend for KTLS.
ClosedPublic

Authored by jhb on Dec 30 2020, 12:54 AM.
Tags
None
Referenced Files
F161509259: D27841.id81357.diff
Sat, Jul 4, 10:10 AM
Unknown Object (File)
Fri, Jul 3, 7:36 AM
Unknown Object (File)
Fri, Jul 3, 2:09 AM
Unknown Object (File)
Thu, Jul 2, 6:39 AM
Unknown Object (File)
Wed, Jul 1, 11:22 AM
Unknown Object (File)
Wed, Jul 1, 5:58 AM
Unknown Object (File)
Mon, Jun 29, 12:21 PM
Unknown Object (File)
Mon, Jun 29, 5:15 AM
Subscribers

Details

Summary

This supports Chacha20-Poly1305 for both send and receive for TLS 1.2
and for send in TLS 1.3.

Test Plan

Tested via openssl s_server with KTLS in a VM against a host running software openssl s_client with chacha20 ciphers.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jhb requested review of this revision.Dec 30 2020, 12:54 AM
jhb added a reviewer: gallatin.

Maybe add a comment for the else cases saying that they are chacha?

sys/opencrypto/ktls_ocf.c
370–382

Maybe a switch, or at least a comment for the else cases that they are chacha?

This revision is now accepted and ready to land.Feb 17 2021, 11:54 PM
jhb marked an inline comment as done.Feb 18 2021, 5:29 PM
jhb added inline comments.
sys/opencrypto/ktls_ocf.c
370–382

I'll add a comment about Chacha using the TLS 1.3 IV construction in TLS 1.2.

This revision was automatically updated to reflect the committed changes.
jhb marked an inline comment as done.