CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	John Baldwin <jhb@FreeBSD.org>
	Wed, 6 Oct 2021 21:08:49 +0000 (14:08 -0700)
committer	John Baldwin <jhb@FreeBSD.org>
	Wed, 6 Oct 2021 21:08:49 +0000 (14:08 -0700)
commit	42dcd39528c6188a259951e28bbad309234324e4
tree	f5b73382299d8bf5dfa41742e432c59ac4107885	tree \| snapshot
parent	668770dc7de2ec8b5f5edf71e09b8a404120f6fa	commit \| diff

crypto: Support Chacha20-Poly1305 with a nonce size of 8 bytes.

This is useful for WireGuard which uses a nonce of 8 bytes rather
than the 12 bytes used for IPsec and TLS.

Note that this also fixes a (should be) harmless bug in ossl(4) where
the counter was incorrectly treated as a 64-bit counter instead of a
32-bit counter in terms of wrapping when using a 12 byte nonce.
However, this required a single message (TLS record) longer than 64 *
(2^32 - 1) bytes (about 256 GB) to trigger.

Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32122

share/man/man7/crypto.7		diff \| blob \| history
sys/crypto/openssl/ossl_chacha20.c		diff \| blob \| history
sys/opencrypto/crypto.c		diff \| blob \| history
sys/opencrypto/cryptosoft.c		diff \| blob \| history
sys/opencrypto/xform_chacha20_poly1305.c		diff \| blob \| history
tools/tools/crypto/cryptocheck.c		diff \| blob \| history