crypto: chachapoly availble in /dev/crypto#19393
Conversation
Expose the bare ChaCha20 stream cipher (no Poly1305) through /dev/crypto to the userspace consumers Signed-off-by: Felipe Moura <moura.fmo@gmail.com>
Add config to use Dropbear in sim enviroment. Signed-off-by: Felipe Moura <moura.fmo@gmail.com>
79505ba to
27e7183
Compare
|
Thanks for working on this. I'd suggest a different, more unified approach here rather than adding a parallel encrypt_multi/decrypt_multi path with new chacha20_stream_* helpers. The framework already supports stream ciphers through the existing encrypt/decrypt callbacks (e.g. AES-CTR/OFB/CFB). Rather than forking the interface into a separate stream path, we can just extend the existing encrypt/decrypt signature to carry a length: swcr_encdec handles a partial final block via buflen = MIN(i, blocksize), so arbitrary-length stream data flows through the existing single path. I already have a patch implementing this (extending the encrypt/decrypt signature + chacha20 export on the unified path). I'm happy to share it so we can align on the unified approach. |
Summary
Adds a raw CRYPTO_CHACHA20 stream-cipher algorithm to the OCF crypto framework (/dev/crypto), needed because SSH's chacha20-poly1305@openssh.com uses two independent ChaCha20 keystreams and doesn't match the existing combined CRYPTO_CHACHA20_POLY1305 xform
Also adds a sim:dropbear board config combining networking and Dropbear so the SSH server can be exercised locally without hardware.
Related PR: apache/nuttx-apps#3626, which consumes this to back Dropbear's chacha20-poly1305@openssh.com cipher via /dev/crypto. Both are draft PRs meant to be reviewed together.
Impact
New opt-in crypto algorithm and a new sim-only board config; no changes to existing algorithms or configs.
Testing
Host: Linux x86_64, sim target.
This Implementation was tested using apache/nuttx-apps#3626, result logs can be checked there.