Displaying 2 results from an estimated 2 matches for "have_evp_chacha20".
2020 Jan 16
3
[patch 1/2] use chacha20 from openssl (1.1.0+) when possible
...a58616fb..7e6995f6 100644
--- a/cipher-chachapoly.c
+++ b/cipher-chachapoly.c
@@ -109,7 +109,14 @@ chachapoly_crypt(struct chachapoly_ctx *ctx, u_int
seqnr, u_char *dest,
const u_char *src, u_int len, u_int aadlen, u_int authlen, int
do_encrypt)
{
#if defined(WITH_OPENSSL) && defined(HAVE_EVP_CHACHA20)
+#if defined(LIBRESSL_VERSION_NUMBER)
+#define CHACHA_IV_OFFSET 4
+ u_char seqbuf[12];
+#else
+#define CHACHA_IV_OFFSET 8
+ /* OpenSSL IV contains also the counter in the first 4 bytes */
u_char seqbuf[16];
+#endif
int r = SSH_ERR_LIBCRYPTO_ERROR;
#else
u_char seqbuf[8];
@@ -125,7 +132,7 @@...
2019 Jan 17
3
[patch 1/2] use chacha20 from openssl (1.1.0+) when possible
On some cpu's optimized chacha implementation in openssl (1.1.0+) is
notably faster (and on others it is just faster) than generic C
implementation in openssh.
Sadly, openssl's chacha20-poly1305 (EVP_chacha20_poly1305) uses
different scheme (with padding/etc - see rfc8439) and it looks it is not
possible to use in openssh.
OpenSSL 1.1.1+ also exports "raw" poly1305 primitive,