git: c8cf2d161390 - stable/14 - Add support for Chacha20-Poly1305 to kernel TLS on FreeBSD.

From: John Baldwin <jhb_at_FreeBSD.org>
Date: Tue, 24 Oct 2023 19:25:54 UTC
The branch stable/14 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=c8cf2d16139042dd9eb3ba0324c88c4cfffe7d93

commit c8cf2d16139042dd9eb3ba0324c88c4cfffe7d93
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2020-12-23 22:09:51 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2023-10-24 19:02:09 +0000

    Add support for Chacha20-Poly1305 to kernel TLS on FreeBSD.
    
    FreeBSD's kernel TLS supports Chacha20 for both TLS 1.2 and TLS 1.3.
    
    Obtained from:  OpenSSL commit 77f3936928068bee9d7e0c6939709ac179cb1059
    
    (cherry picked from commit 3de4f78d46c58f23017942967ec74cbc3d2e175d)
---
 crypto/openssl/include/internal/ktls.h |  5 +++++
 crypto/openssl/ssl/ktls.c              | 10 ++++++++++
 2 files changed, 15 insertions(+)

diff --git a/crypto/openssl/include/internal/ktls.h b/crypto/openssl/include/internal/ktls.h
index 95492fd0659f..3c82cae26b47 100644
--- a/crypto/openssl/include/internal/ktls.h
+++ b/crypto/openssl/include/internal/ktls.h
@@ -40,6 +40,11 @@
 #   define OPENSSL_KTLS_AES_GCM_128
 #   define OPENSSL_KTLS_AES_GCM_256
 #   define OPENSSL_KTLS_TLS13
+#   ifdef TLS_CHACHA20_IV_LEN
+#    ifndef OPENSSL_NO_CHACHA
+#     define OPENSSL_KTLS_CHACHA20_POLY1305
+#    endif
+#   endif
 
 typedef struct tls_enable ktls_crypto_info_t;
 
diff --git a/crypto/openssl/ssl/ktls.c b/crypto/openssl/ssl/ktls.c
index ddbfd1447c54..daa758294a4c 100644
--- a/crypto/openssl/ssl/ktls.c
+++ b/crypto/openssl/ssl/ktls.c
@@ -37,6 +37,10 @@ int ktls_check_supported_cipher(const SSL *s, const EVP_CIPHER *c,
     case SSL_AES128GCM:
     case SSL_AES256GCM:
         return 1;
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+    case SSL_CHACHA20POLY1305:
+        return 1;
+# endif
     case SSL_AES128:
     case SSL_AES256:
         if (s->ext.use_etm)
@@ -74,6 +78,12 @@ int ktls_configure_crypto(const SSL *s, const EVP_CIPHER *c, EVP_CIPHER_CTX *dd,
         else
             crypto_info->iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
         break;
+# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
+    case SSL_CHACHA20POLY1305:
+        crypto_info->cipher_algorithm = CRYPTO_CHACHA20_POLY1305;
+        crypto_info->iv_len = EVP_CIPHER_CTX_get_iv_length(dd);
+        break;
+# endif
     case SSL_AES128:
     case SSL_AES256:
         switch (s->s3.tmp.new_cipher->algorithm_mac) {