authorJohn Baldwin <jhb@FreeBSD.org>2021-02-18 17:23:59 +0000
committerJohn Baldwin <jhb@FreeBSD.org>2021-02-18 17:26:32 +0000
commit9c64fc40290e08f6dc6b75aa04084b04e48a61af (patch)
tree637b5142a7556eb4928643ca0a932db5a615bf0d /sys/sys/ktls.h
parent1bd9fc96d4e4a26bb0060698c07b6f13d19cd819 (diff)
Add Chacha20-Poly1305 as a KTLS cipher suite.
Chacha20-Poly1305 for TLS is an AEAD cipher suite for both TLS 1.2 and TLS 1.3 (RFCs 7905 and 8446). For both versions, Chacha20 uses the server and client IVs as implicit nonces, XORed with the record sequence number to generate the per-record nonce, matching the construction used with AES-GCM for TLS 1.3. Reviewed by: gallatin Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D27839
Diffstat (limited to 'sys/sys/ktls.h')
-rw-r--r--sys/sys/ktls.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h
index 8d591888466c..d3da1286403c 100644
--- a/sys/sys/ktls.h
+++ b/sys/sys/ktls.h
@@ -44,6 +44,7 @@ struct tls_record_layer {
#define TLS_MAX_PARAM_SIZE 1024 /* Max key/mac/iv in sockopt */
#define TLS_AEAD_GCM_LEN 4
#define TLS_1_3_GCM_IV_LEN 12
+#define TLS_CHACHA20_IV_LEN 12
#define TLS_CBC_IMPLICIT_IV_LEN 16
/* Type values for the record layer */
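Review bot: The added `TLS_CHACHA20_IV_LEN` define has no comment, and its value 12 equals `TLS_1_3_GCM_IV_LEN` on the line above, so the header alone does not say which TLS versions it covers. The commit description says it applies to both TLS 1.2 and 1.3, whereas AES-GCM appears to use the separate 4-byte `TLS_AEAD_GCM_LEN` for its non-1.3 case; a trailing comment such as `/* implicit IV, TLS 1.2 and 1.3 (RFC 7905, RFC 8446) */` would make that explicit. The IV is supplied through the sockopt (per the `TLS_MAX_PARAM_SIZE` comment) and is XORed with the sequence number to form the per-record nonce. The code that consumes this constant is outside this diff, which is limited to ktls.h, so it is worth confirming that the enable path rejects any `iv_len` other than exactly `TLS_CHACHA20_IV_LEN` rather than only bounding it by `TLS_MAX_PARAM_SIZE`.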