cloudflare / sslconfig

Cloudflare's Internet facing SSL configuration
BSD 3-Clause "New" or "Revised" License

openssl 1.1.0 #47

Closed ghost closed 7 years ago

ghost commented 7 years ago

Can I add chacha20 draft in openssl 1.1.0?

rugk commented 7 years ago

That's not necessary. OpenSSL v1.1.0 includes ChaCha20-Poly1305 by default.

vkrasnov commented 7 years ago

@rugk, he meant the draft version. @you990808, you are welcome to add it, if you want.

rugk commented 7 years ago

Well... why not use the stable one? Or what exactly is the draft version?

HansVanEijsden commented 7 years ago

@rugk, the draft version is used by many Android users. For example, check https://www.ssllabs.com/ssltest/analyze.html?d=www.hansvaneijsden.com&s=84.22.109.49&latest and scroll down. Android 5 and Android 6 clients use the draft version.

The draft version: OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc14)
The stable version: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)

That's why I'm still using OpenSSL 1.0.2j with nginx and not OpenSSL 1.1.0. I would love to have the draft version available in 1.1.0 too. So, @you990808 it would be great if you can add the draft. 😃

injust commented 7 years ago

@HansVanEijsden Since Chrome on Android uses its own copy of the OpenSSL library, i.e. not the system one that is reported by Qualys, most devices do use the finalized ChaCha20-Poly1305 cipher.

On an unrelated note, is there a way to prefer ChaCha20-Poly1305 only if the client does not support AES-NI, in OpenSSL 1.1.0? I'm currently using the patch on 1.0.2 to do that, but was just wondering.

xetorixik commented 7 years ago

@Injust Yes, visit https://community.centminmod.com/threads/patch-use-chacha20-poly1305-if-its-the-clients-most-preferred-cipher-openssl-1-1.8603/ for more information and the actual patch code.

> is there a way to prefer ChaCha20-Poly1305 only if the client does not support AES-NI, in OpenSSL 1.1.0? I'm currently using the patch on 1.0.2 to do that, but was just wondering.
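The selection rule the linked patch implements, "use ChaCha20-Poly1305 only when it is the client's most preferred cipher" (a client without AES hardware ranks it first), is modelled below as an added example; it is not code from cloudflare/sslconfig or from the patch. It uses the suite IDs named in this thread (draft 0xcc14, final 0xcca9) together with their well-known siblings, parses constructed ClientHello cipher_suites vectors, and shows why an OpenSSL 1.1.0 server that only enables the final IDs falls back to AES-GCM for a draft-only client. (OpenSSL 1.1.1 later shipped this behaviour as SSL_OP_PRIORITIZE_CHACHA.)

```python
# Added example, not code from cloudflare/sslconfig or the linked patch.
import struct
from typing import List, Optional

# IANA code points. Draft (pre-RFC 7905) and finalized ChaCha20 suites are
# distinct IDs, so a server enabling only the final ones cannot negotiate
# ChaCha20 with a client that offers only the draft ID.
DRAFT_CHACHA = {0xCC13: "OLD_ECDHE-RSA-CHACHA20-POLY1305",
                0xCC14: "OLD_ECDHE-ECDSA-CHACHA20-POLY1305"}
FINAL_CHACHA = {0xCCA8: "ECDHE-RSA-CHACHA20-POLY1305",
                0xCCA9: "ECDHE-ECDSA-CHACHA20-POLY1305"}
AES_GCM = {0xC02B: "ECDHE-ECDSA-AES128-GCM-SHA256",
           0xC02C: "ECDHE-ECDSA-AES256-GCM-SHA384",
           0xC02F: "ECDHE-RSA-AES128-GCM-SHA256",
           0xC030: "ECDHE-RSA-AES256-GCM-SHA384"}
CHACHA = set(DRAFT_CHACHA) | set(FINAL_CHACHA)
NAMES = {**DRAFT_CHACHA, **FINAL_CHACHA, **AES_GCM}

def parse_cipher_suites(vec: bytes) -> List[int]:
    """Decode a ClientHello cipher_suites vector: 2-byte length, then 2-byte IDs."""
    (length,) = struct.unpack("!H", vec[:2])
    body = vec[2:2 + length]
    if length % 2 or len(body) != length:
        raise ValueError("malformed cipher_suites vector")
    return [struct.unpack("!H", body[i:i + 2])[0] for i in range(0, length, 2)]

def select_cipher(server_prefs: List[int], client_suites: List[int]) -> Optional[int]:
    """Server preference order, except ChaCha20 wins when it is the first
    suite in the client's list that the server also supports."""
    shared = [c for c in client_suites if c in server_prefs]
    if not shared:
        return None
    if shared[0] in CHACHA:
        return shared[0]
    return next(s for s in server_prefs if s in shared)

# Server as discussed in the thread: ECDSA certificate, final ChaCha20 ID only.
SERVER_PREFS = [0xC02B, 0xC02C, 0xCCA9]
# Constructed ClientHello vectors: a client without AES-NI ranking ChaCha20
# first, and an Android-5-style client that only knows the draft ID.
CLIENT_NO_AESNI = bytes.fromhex("0006cca9c02bc02c")
CLIENT_DRAFT_ONLY = bytes.fromhex("0004cc14c02b")

if __name__ == "__main__":
    for vec in (CLIENT_NO_AESNI, CLIENT_DRAFT_ONLY):
        chosen = select_cipher(SERVER_PREFS, parse_cipher_suites(vec))
        print(NAMES.get(chosen, chosen))
```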

injust commented 7 years ago

@xetorixik Already made a patch for it a few weeks ago, thanks for the heads up though.