diff --git a/src/ssl.c b/src/ssl.c index 4d5e548f0..7985e8175 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25788,6 +25788,9 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = { { NID_des, DESb, oidBlkType, "DES-CBC", "des-cbc"}, { NID_des3, DES3b, oidBlkType, "DES-EDE3-CBC", "des-ede3-cbc"}, #endif /* !NO_DES3 */ + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + { NID_chacha20_poly1305, NID_chacha20_poly1305, oidBlkType, "ChaCha20-Poly1305", "chacha20-poly1305"}, + #endif /* oidOcspType */ #ifdef HAVE_OCSP diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 95aa4e442..ae7311e38 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -243,6 +243,9 @@ int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c) case DES_EDE3_CBC_TYPE: return 24; case DES_ECB_TYPE: return 8; case DES_EDE3_ECB_TYPE: return 24; + #endif + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: return 32; #endif default: return 0; @@ -1289,6 +1292,12 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher) else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARC4)) return ARC4_TYPE; #endif + +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_CHACHA20_POLY1305)) + return CHACHA20_POLY1305_TYPE; +#endif + else return 0; } @@ -1357,6 +1366,11 @@ int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher) case DES_ECB_TYPE: return 8; case DES_EDE3_ECB_TYPE: return 8; #endif + +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: + return 1; +#endif default: return 0; } @@ -1424,6 +1438,10 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher) #ifndef NO_RC4 case ARC4_TYPE: return EVP_CIPH_STREAM_CIPHER; + #endif + #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: + return WOLFSSL_EVP_CIPH_STREAM_CIPHER; #endif default: return 0; 
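Review bot: The new `wolfssl_object_info` row in src/ssl.c passes `NID_chacha20_poly1305` in both the first and the second column, while the neighbouring rows carry an OID constant (`DESb`, `DES3b`) in the second. How that column is consumed is outside this hunk; if it is matched against OID sums, the NID value may never match or may coincide with an unrelated entry. If reusing the NID is deliberate, a comment on the row such as `/* no OID sum for this cipher; NID reused as id */` would make that reviewable.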
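Review bot: The `CHACHA20_POLY1305_TYPE` case added to `wolfSSL_EVP_Cipher_key_length` hard-codes the key size as `return 32;`, whereas the IV-length hunks of this same commit use the named `CHACHA20_POLY1305_AEAD_IV_SIZE`. Taking the key size from the same wolfCrypt header keeps the two in step, `case CHACHA20_POLY1305_TYPE: return CHACHA20_POLY1305_AEAD_KEYSIZE;`. The switch itself starts and ends outside the hunk.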
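Review bot: The `CHACHA20_POLY1305_TYPE` case in `WOLFSSL_CIPHER_mode` reports the cipher in the same class as the adjacent `ARC4_TYPE` case, so the mode alone does not tell a caller that this cipher produces and must verify an authentication tag. A caller that decides from the mode whether to set or check a tag would treat it as unauthenticated, so the AEAD property has to come from the cipher flags; that path is not in this hunk and should be confirmed as covered. A comment on the case, `/* AEAD: mode is stream, tag handling is signalled through the cipher flags */`, would record this. The case also spells the constant `WOLFSSL_EVP_CIPH_STREAM_CIPHER` where the ARC4 case just above uses `EVP_CIPH_STREAM_CIPHER`; one spelling for both would read more cleanly.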
@@ -4152,6 +4170,10 @@ static const struct cipher{ {ARC4_TYPE, EVP_ARC4, NID_undef}, #endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + {CHACHA20_POLY1305_TYPE, EVP_CHACHA20_POLY1305, NID_chacha20_poly1305}, +#endif + { 0, NULL, 0} }; @@ -4248,6 +4270,9 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name) #endif #ifndef NO_RC4 {EVP_ARC4, "RC4"}, +#endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + {EVP_CHACHA20_POLY1305, "chacha20-poly1305"}, #endif { NULL, NULL} }; @@ -4362,6 +4387,11 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id) #endif #endif /*NO_DES3*/ +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case NID_chacha20_poly1305: + return wolfSSL_EVP_chacha20_poly1305(); +#endif + default: WOLFSSL_MSG("Bad cipher id value"); } @@ -8355,6 +8385,11 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx) WOLFSSL_MSG("AES XTS"); return AES_BLOCK_SIZE; #endif /* WOLFSSL_AES_XTS */ +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + case CHACHA20_POLY1305_TYPE: + WOLFSSL_MSG("CHACHA20 POLY1305"); + return CHACHA20_POLY1305_AEAD_IV_SIZE; +#endif /* HAVE_CHACHA HAVE_POLY1305 */ case NULL_CIPHER_TYPE : WOLFSSL_MSG("NULL"); @@ -8439,6 +8474,11 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher) } #endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + if (XSTRCMP(name, EVP_CHACHA20_POLY1305) == 0) + return CHACHA20_POLY1305_AEAD_IV_SIZE; +#endif + (void)name; return 0;
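Review bot: The alias added to the table in `wolfSSL_EVP_get_cipherbyname` is only the lowercase `"chacha20-poly1305"`, while the `wolfssl_object_info` row added in src/ssl.c gives the short name as `"ChaCha20-Poly1305"`. How the alias table is compared lies outside this hunk; if that comparison is case-sensitive, a short name taken from the object table will not resolve back to the cipher here. Either confirm the lookup ignores case or add a second row, `{EVP_CHACHA20_POLY1305, "ChaCha20-Poly1305"},`.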
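Review bot: The `CHACHA20_POLY1305_TYPE` case added to `wolfSSL_EVP_CIPHER_CTX_iv_length` returns `CHACHA20_POLY1305_AEAD_IV_SIZE` without saying what the caller must do with a nonce of that size. For this AEAD, a nonce repeated under the same key breaks both confidentiality and the tag, and that is the caveat an EVP user sizing a buffer from this function most needs. I would add `/* fixed-size nonce; must never repeat under the same key */` above the `return`; the same comment applies to the matching branch in `wolfSSL_EVP_CIPHER_iv_length`. The switch begins and ends outside the hunk.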