[erlang-questions] chacha20-poly1305 AEAD is not available for libressl built

mko_io me@REDACTED
Fri Mar 23 22:31:23 CET 2018


Dear erlang community,

Just report a bug:

The openssl that I built OTP 20.3.2 with is Libressl(portable 2.6.4), it does have ciper chacha20-poly1305 as AEAD

$openssl version
LibreSSL 2.6.4
$ openssl ciphers -v | grep chacha20

ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=ChaCha20-Poly1305 Mac=AEAD

but it’s not in erlang

crypto:supports().
[{hashs,[sha,sha224,sha256,sha384,sha512,md4,md5,ripemd160]},
 {ciphers,[des3_cbc,des_ede3,des3_cbf,des3_cfb,aes_cbc,
           aes_cbc128,aes_cfb8,aes_cfb128,aes_cbc256,aes_ctr,aes_ecb,
           aes_gcm,aes_ige256,des_cbc,des_cfb,des_ecb,blowfish_cbc,
           blowfish_cfb64,blowfish_ofb64,blowfish_ecb,rc2_cbc,rc4]}, 
 {public_keys,[rsa,dss,dh,ec_gf2m,ecdsa,ecdh,srp]},
 {macs,[hmac,cmac]}]

and in the release note of application crypto 4.0, this feature is enabled

"Crypto chacha20-poly1305 as in RFC 7539 enabled for OpenSSL >= 1.1."

so I think it’s a libressl compatibility issue, hope the someone can fix it





More information about the erlang-questions mailing list