# define OPENSSL_KTLS_TLS13
# if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 2, 0)
# define OPENSSL_KTLS_AES_CCM_128
+# if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 11, 0)
+# ifndef OPENSSL_NO_CHACHA
+# define OPENSSL_KTLS_CHACHA20_POLY1305
+# endif
+# endif
# endif
# endif
# endif
# ifdef OPENSSL_KTLS_AES_CCM_128
struct tls12_crypto_info_aes_ccm_128 ccm128;
+# endif
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+ struct tls12_crypto_info_chacha20_poly1305 chacha20poly1305;
# endif
};
size_t tls_crypto_info_len;
return 0;
}
- /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128 */
+ /* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128
+ * or Chacha20-Poly1305
+ */
switch (EVP_CIPHER_nid(c))
{
# ifdef OPENSSL_KTLS_AES_CCM_128
# endif
# ifdef OPENSSL_KTLS_AES_GCM_256
case NID_aes_256_gcm:
+# endif
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+ case NID_chacha20_poly1305:
# endif
return 1;
default:
if (rec_seq != NULL)
*rec_seq = crypto_info->ccm128.rec_seq;
return 1;
+# endif
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+ case NID_chacha20_poly1305:
+ crypto_info->chacha20poly1305.info.cipher_type = TLS_CIPHER_CHACHA20_POLY1305;
+ crypto_info->chacha20poly1305.info.version = s->version;
+ crypto_info->tls_crypto_info_len = sizeof(crypto_info->chacha20poly1305);
+ memcpy(crypto_info->chacha20poly1305.iv, iiv,
+ TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE);
+ memcpy(crypto_info->chacha20poly1305.key, key, EVP_CIPHER_key_length(c));
+ memcpy(crypto_info->chacha20poly1305.rec_seq, rl_sequence,
+ TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE);
+ if (rec_seq != NULL)
+ *rec_seq = crypto_info->chacha20poly1305.rec_seq;
+ return 1;
# endif
default:
return 0;