[openssl-users] OpenSSL patch for CHACHA cipher support in OpenSSL 1.0.2

Srivalli Kuppa (srikuppa) srikuppa at cisco.com
Mon Jun 11 17:53:24 UTC 2018

Interesting. Yes, I did take a look at Cloudflare patch but wasn't sure if I could use that.
Alright. This helps. 

My only option is to upgrade to OpenSSL 1.1.0 in order to support CHACHA+Poly1305 cipher support.

Thanks Rich.

On 6/11/18, 1:40 PM, "Salz, Rich" <rsalz at akamai.com> wrote:

    >    Just curious, is there a possibility to patch CHACHA cipher specific changes to OpenSSL 1.0.2 version still and get SSL handshake succeed?
    It can be done; CloudFlare posted some patches at https://github.com/cloudflare/sslconfig/tree/master/patches but I think they used the pre-IETF version and so might need some tweaks.  The OpenSSL project won't do it (we don't add features to existing releases).

More information about the openssl-users mailing list