PeterMosmans / openssl

'Extra featured' OpenSSL with ChaCha20 and Poly1305 support
https://onwebsecurity.com/pages/openssl.html

DTLS doesn't play nice with CHACHA20-POLY1305 ciphers #12

Open PeterMosmans opened 9 years ago

PeterMosmans commented 9 years ago

It seems impossible to connect an openssl client to an openssl server when using DTLS1(.2) and a CHACHA20-POLY1305 cipher. Investigate what's going on.

Server side: ./openssl s_server -key CA.key -cert CA.crt -accept 4433 -dtls1_2 -cipher ECDHE-RSA-CHACHA20-POLY1305

Client side: ./openssl s_client -connect 127.0.0.1:4433 -dtls1_2 -cipher ECDHE-RSA-CHACHA20-POLY1305

Loading 'screen' into random state - and hangs

PeterMosmans commented 9 years ago

Deferred for now - disabled DTLS for ChaCha20/Poly1305