Opened 3 years ago

Closed 3 years ago

#862 closed Feature Wish (duplicate)

Upgrade to OpenSSL 1.1.0 for ChaCha20-Poly1305

Reported by: sgobiraj Owned by:
Priority: major Milestone:
Component: Generic / unclassified Version: OpenVPN 2.4.0 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:
Cc: Steffan Karger

Description

Is there a plan to compile OpenVPN against OpenSSL 1.1.0 branch to receive support for ChaCha20-Poly1305 ciphers? A lot of OpenVPN users are running the OpenVPN server/client on ARM/Embedded platforms (Routers, Mobile Phones, etc) that don't have AES acceleration. ChaCha20-Poly1305 is considered to be significantly faster on devices without AES acceleration and is a suitable replacement for AES-GCM ciphers.

Change History (1)

comment:1 Changed 3 years ago by Gert Döring

Cc: Steffan Karger added
Resolution: duplicate
Status: newclosed

Duplicate of #759.

Work is ongoing, but is far from trivial as the OpenSSL 1.1 API is significantly different from 1.0 - patch set is about 15 patches, and about half of them are already in, rest is under review.

Note: See TracTickets for help on using tickets.