-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support ChaCha20 Poly1305 on Unix #52522
Conversation
Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq, @GrabYourPitchforks Issue DetailsContributes to #52482
|
Draft for now, I suspect there will be compilation failures on older Linux. |
src/libraries/Native/Unix/System.Security.Cryptography.Native/opensslshim.h
Show resolved
Hide resolved
src/libraries/Native/Unix/System.Security.Cryptography.Native/pal_evp_cipher.c
Outdated
Show resolved
Hide resolved
Co-authored-by: Adeel Mujahid <[email protected]>
I'm guessing some of our macOS machines don't have OpenSSL 1.1.0 on them? Looks like the 10.15 machines do, and <= 10.14 don't. |
Note, I considered refactoring this to an AeadCommon pattern as Windows was, but left it as-is for now. The CCM, GCM, and ChaChaPoly implementations all have some notable differences. ChaChaPoly1305 uses a slightly newer API to get and set the authentication tag. CCM does not call |
src/libraries/Native/Unix/System.Security.Cryptography.Native/configure.cmake
Show resolved
Hide resolved
|
||
if (associatedData.Length != 0) | ||
{ | ||
if (!Interop.Crypto.EvpCipherUpdate(_ctxHandle, Span<byte>.Empty, out _, associatedData)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Out of morbid curiosity, what happens if multiple threads call this at the same time on the same instance? Is there a potential for buffer overrun?
(I know this is copied from the existing AEAD code, so I'm not suggesting changes at this time. Just trying to calculate risk exposure.)
Contributes to #52482