Re: [openssl-users] OpenSSL patch for CHACHA cipher support in OpenSSL 1.0.2
Interesting. Yes, I did take a look at Cloudflare patch but wasn't sure if I could use that. Alright. This helps. My only option is to upgrade to OpenSSL 1.1.0 in order to support CHACHA+Poly1305 cipher support. Thanks Rich. -Srivalli On 6/11/18, 1:40 PM, "Salz, Rich" wrote: >Just curious, is there a possibility to patch CHACHA cipher specific changes to OpenSSL 1.0.2 version still and get SSL handshake succeed? It can be done; CloudFlare posted some patches at https://github.com/cloudflare/sslconfig/tree/master/patches but I think they used the pre-IETF version and so might need some tweaks. The OpenSSL project won't do it (we don't add features to existing releases). -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL patch for CHACHA cipher support in OpenSSL 1.0.2
>Just curious, is there a possibility to patch CHACHA cipher specific > changes to OpenSSL 1.0.2 version still and get SSL handshake succeed? It can be done; CloudFlare posted some patches at https://github.com/cloudflare/sslconfig/tree/master/patches but I think they used the pre-IETF version and so might need some tweaks. The OpenSSL project won't do it (we don't add features to existing releases). -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL patch for CHACHA cipher support in OpenSSL 1.0.2
Thanks Matt. Appreciate your answers. Just curious, is there a possibility to patch CHACHA cipher specific changes to OpenSSL 1.0.2 version still and get SSL handshake succeed? I am not looking for an upgrade to OpenSSL 1.1.0 at this point. So, I am interested to know if I can get CHACHA to working with OpenSSL 1.0.2. Thanks for your time. -Srivalli On 6/11/18, 11:59 AM, "openssl-users on behalf of Matt Caswell" wrote: On 11/06/18 16:44, Srivalli Kuppa (srikuppa) via openssl-users wrote: > 1. Do we have a stable OpenSSL patch that can be applied to OpenSSL > 1.0.2 version to support CHACHA cipher both as a server/client? No. Chacha/Poly1305 support is only available from version 1.1.0 upwards. > 2. Can CHACHA+Poly1305 ciphers be used with TLSv1.2 today with > different browsers (Chrome/Firefox etc.,)? Yes. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL patch for CHACHA cipher support in OpenSSL 1.0.2
On 11/06/18 16:44, Srivalli Kuppa (srikuppa) via openssl-users wrote: > 1. Do we have a stable OpenSSL patch that can be applied to OpenSSL > 1.0.2 version to support CHACHA cipher both as a server/client? No. Chacha/Poly1305 support is only available from version 1.1.0 upwards. > 2. Can CHACHA+Poly1305 ciphers be used with TLSv1.2 today with > different browsers (Chrome/Firefox etc.,)? Yes. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users