Hi Peter and Rich,
thx for your answer, I needed to decipher them first though ;-)
(http://marc.info/?l=openssl-dev&m=140181264527042&w=2,
http://marc.info/?l=openssl-dev&m=140186408414195&w=2).
1-2 points to this:
If it's broken (@Peter) why is it in the git tree or why was it accepted?
Google's server have Chacha/Poly in production, so has Chrome.
So it would be cool to have something working within OpenSSL,
also if it's not right now production ready.
As of now it doesn't work -- at least not for me. Besides the minor "make
depend" obstacle: If I start a server (s_server -accept 443 -www) and
use s_client to connect, I see the server is offering the three 0xcc1{3-5}
cipher suites, but both client and server throw error messages upon
connect with each of those cipher suites.
I maybe have a very selfish reason as I wrote a small shell script
(https://testssl.sh/)
testing cipher suites and other stuff, mostly using openssl. But I guess
as it is deployed by google everywhere there are more important reasons to
get it working within openssl, no?
Cheers, Dirk
On Tue, Jun 03, 2014 at 10:55:13AM +0200, Dirk Wetter wrote:
> Hi,
>
> pls see attached.
>
> Is there somebody working on it to get Chacha/Poly cipher suites production
> ready?
>
>
> Cheers,
>
> Dirk
>
> --- crypto/chacha/Makefile.orig 2014-06-03 10:49:51.082287334 +0200
> +++ crypto/chacha/Makefile 2014-06-03 10:50:07.496433689 +0200
> @@ -21,7 +21,7 @@
> APPS=
>
> LIB=$(TOP)/libcrypto.a
> -LIBSRC=
> +LIBSRC=chacha_vec.c
> LIBOBJ=$(CHACHA_ENC)
>
> SRC= $(LIBSRC)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
