HomeFreeBSD

Add Chacha20-Poly1305 as a KTLS cipher suite.

Description

Add Chacha20-Poly1305 as a KTLS cipher suite.

Chacha20-Poly1305 for TLS is an AEAD cipher suite for both TLS 1.2 and
TLS 1.3 (RFCs 7905 and 8446). For both versions, Chacha20 uses the
server and client IVs as implicit nonces xored with the record
sequence number to generate the per-record nonce matching the
construction used with AES-GCM for TLS 1.3.

Reviewed by: gallatin
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D27839

(cherry picked from commit 9c64fc40290e08f6dc6b75aa04084b04e48a61af)

Details

Provenance
jhbAuthored on Feb 18 2021, 5:23 PM
Reviewer
gallatin
Differential Revision
D27839: Add Chacha20-Poly1305 as a KTLS cipher suite.
Parents
rGff590791ff6d: cxgbe: Only run ktls_tick when NIC TLS is enabled.
Branches
Unknown
Tags
Unknown