Add EVP_aead_chacha20_poly1305_ietf() - The informational RFC 7539,

"ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD construction that is incompatible with the common style that has been already used in TLS with EVP_aead_chacha20_poly1305(). The IETF version also adds a constant (salt) that is prepended to the nonce. OK mikeb@ jsing@
author: reyk <> 2015-11-02 15:40:53 +0000
committer: reyk <> 2015-11-02 15:40:53 +0000
commit: 3e2680fbd9dc7657b729f24a677f5ec057643aa6 (patch)
tree: 40446be7b959dce9252457817e67737c7606706c /src/lib/libcrypto/man
parent: 7e3ae45186eaca587d36fb66eb7b7d50236f87da (diff)
download: openbsd-3e2680fbd9dc7657b729f24a677f5ec057643aa6.tar.gz
openbsd-3e2680fbd9dc7657b729f24a677f5ec057643aa6.tar.bz2
openbsd-3e2680fbd9dc7657b729f24a677f5ec057643aa6.zip
1 files changed, 30 insertions, 3 deletions
diff --git a/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3 b/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
index a2b4efea54..e6abc282d3 100644
--- a/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
+++ b/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.2 2015/10/14 09:11:25 schwarze Exp $
+.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.3 2015/11/02 15:40:53 reyk Exp $
 .\"
 .\" Copyright (c) 2014, Google Inc.
 .\" Parts of the text were written by Adam Langley and David Benjamin.
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: October 14 2015 $
+.Dd $Mdocdate: November 2 2015 $
 .Dt EVP_AEAD_CTX_INIT 3
 .Os
 .Sh NAME
@@ -30,7 +30,8 @@
 .Nm EVP_AEAD_nonce_length ,
 .Nm EVP_aead_aes_128_gcm ,
 .Nm EVP_aead_aes_256_gcm ,
-.Nm EVP_aead_chacha20_poly1305
+.Nm EVP_aead_chacha20_poly1305 ,
+.Nm EVP_aead_chacha20_poly1305_ietf
 .Nd authenticated encryption with additional data
 .Sh SYNOPSIS
 .In openssl/evp.h
@@ -101,6 +102,10 @@
 .Fo EVP_aead_chacha20_poly1305
 .Fa void
 .Fc
+.Ft const EVP_AEAD *
+.Fo EVP_aead_chacha20_poly1305_ietf
+.Fa void
+.Fc
 .Sh DESCRIPTION
 AEAD (Authenticated Encryption with Additional Data) couples
 confidentiality and integrity in a single primitive.
@@ -219,6 +224,11 @@ AES-128 in Galois Counter Mode.
 AES-256 in Galois Counter Mode.
 .It Fn EVP_aead_chacha20_poly1305
 ChaCha20 with a Poly1305 authenticator.
+.It Fn EVP_aead_chacha20_poly1305_ietf
+ChaCha20 with a Poly1305 authenticator for IETF Protocols.
+The IETF standardised variant of the AEAD is incompatible with the
+original version.
+It uses a constant salt that is prepended to the nonce.
 .El
 .Pp
 Where possible the
@@ -270,6 +280,23 @@ EVP_AEAD_CTX_cleanup(&ctx);
 .Ed
 .Sh SEE ALSO
 .Xr evp 3
+.Sh STANDARDS
+.Rs
+.%A A. Langley
+.%A W. Chang
+.%D November 2013
+.%R draft-agl-tls-chacha20poly1305-04
+.%T ChaCha20 and Poly1305 based Cipher Suites for TLS
+.Re
+.Pp
+.Rs
+.%A Y. Nir
+.%A A. Langley
+.%D May 2015
+.%R RFC 7539
+.%T ChaCha20 and Poly1305 for IETF Protocols
+.Re
+.Pp
 .Sh HISTORY
 AEAD is based on the implementation by
 .An Adam Langley
author	reyk <>	2015-11-02 15:40:53 +0000
committer	reyk <>	2015-11-02 15:40:53 +0000
commit	3e2680fbd9dc7657b729f24a677f5ec057643aa6 (patch)
tree	40446be7b959dce9252457817e67737c7606706c /src/lib/libcrypto/man
parent	7e3ae45186eaca587d36fb66eb7b7d50236f87da (diff)
download	openbsd-3e2680fbd9dc7657b729f24a677f5ec057643aa6.tar.gz openbsd-3e2680fbd9dc7657b729f24a677f5ec057643aa6.tar.bz2 openbsd-3e2680fbd9dc7657b729f24a677f5ec057643aa6.zip

diff --git a/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3 b/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3 index a2b4efea54..e6abc282d3 100644 --- a/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3 +++ b/src/lib/libcrypto/man/EVP_AEAD_CTX_init.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.2 2015/10/14 09:11:25 schwarze Exp $	1	.\" $OpenBSD: EVP_AEAD_CTX_init.3,v 1.3 2015/11/02 15:40:53 reyk Exp $
2	.\"	2	.\"
3	.\" Copyright (c) 2014, Google Inc.	3	.\" Copyright (c) 2014, Google Inc.
4	.\" Parts of the text were written by Adam Langley and David Benjamin.	4	.\" Parts of the text were written by Adam Langley and David Benjamin.
@@ -16,7 +16,7 @@
16	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF	16	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	17	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18	.\"	18	.\"
19	.Dd $Mdocdate: October 14 2015 $	19	.Dd $Mdocdate: November 2 2015 $
20	.Dt EVP_AEAD_CTX_INIT 3	20	.Dt EVP_AEAD_CTX_INIT 3
21	.Os	21	.Os
22	.Sh NAME	22	.Sh NAME
@@ -30,7 +30,8 @@
30	.Nm EVP_AEAD_nonce_length ,	30	.Nm EVP_AEAD_nonce_length ,
31	.Nm EVP_aead_aes_128_gcm ,	31	.Nm EVP_aead_aes_128_gcm ,
32	.Nm EVP_aead_aes_256_gcm ,	32	.Nm EVP_aead_aes_256_gcm ,
33	.Nm EVP_aead_chacha20_poly1305	33	.Nm EVP_aead_chacha20_poly1305 ,
		34	.Nm EVP_aead_chacha20_poly1305_ietf
34	.Nd authenticated encryption with additional data	35	.Nd authenticated encryption with additional data
35	.Sh SYNOPSIS	36	.Sh SYNOPSIS
36	.In openssl/evp.h	37	.In openssl/evp.h
@@ -101,6 +102,10 @@
101	.Fo EVP_aead_chacha20_poly1305	102	.Fo EVP_aead_chacha20_poly1305
102	.Fa void	103	.Fa void
103	.Fc	104	.Fc
		105	.Ft const EVP_AEAD *
		106	.Fo EVP_aead_chacha20_poly1305_ietf
		107	.Fa void
		108	.Fc
104	.Sh DESCRIPTION	109	.Sh DESCRIPTION
105	AEAD (Authenticated Encryption with Additional Data) couples	110	AEAD (Authenticated Encryption with Additional Data) couples
106	confidentiality and integrity in a single primitive.	111	confidentiality and integrity in a single primitive.
@@ -219,6 +224,11 @@ AES-128 in Galois Counter Mode.
219	AES-256 in Galois Counter Mode.	224	AES-256 in Galois Counter Mode.
220	.It Fn EVP_aead_chacha20_poly1305	225	.It Fn EVP_aead_chacha20_poly1305
221	ChaCha20 with a Poly1305 authenticator.	226	ChaCha20 with a Poly1305 authenticator.
		227	.It Fn EVP_aead_chacha20_poly1305_ietf
		228	ChaCha20 with a Poly1305 authenticator for IETF Protocols.
		229	The IETF standardised variant of the AEAD is incompatible with the
		230	original version.
		231	It uses a constant salt that is prepended to the nonce.
222	.El	232	.El
223	.Pp	233	.Pp
224	Where possible the	234	Where possible the
@@ -270,6 +280,23 @@ EVP_AEAD_CTX_cleanup(&ctx);
270	.Ed	280	.Ed
271	.Sh SEE ALSO	281	.Sh SEE ALSO
272	.Xr evp 3	282	.Xr evp 3
		283	.Sh STANDARDS
		284	.Rs
		285	.%A A. Langley
		286	.%A W. Chang
		287	.%D November 2013
		288	.%R draft-agl-tls-chacha20poly1305-04
		289	.%T ChaCha20 and Poly1305 based Cipher Suites for TLS
		290	.Re
		291	.Pp
		292	.Rs
		293	.%A Y. Nir
		294	.%A A. Langley
		295	.%D May 2015
		296	.%R RFC 7539
		297	.%T ChaCha20 and Poly1305 for IETF Protocols
		298	.Re
		299	.Pp
273	.Sh HISTORY	300	.Sh HISTORY
274	AEAD is based on the implementation by	301	AEAD is based on the implementation by
275	.An Adam Langley	302	.An Adam Langley