Gitiles
Code Review Sign In
192.168.1.100 / T108 / 41f65e67393adc65e024efffac65f99a369de4e1 / . / package / libs / openssl / patches / 140-allow-prefer-chacha20.patch
blob: fb7bc8436174c09082070035d477613dc248253e [file] [log] [blame]
b.liue9582032025-04-17 19:18:16 +0800[diff] [blame]1From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2From: Eneas U de Queiroz <cote2004-github@yahoo.com>
3Date: Thu, 27 Sep 2018 08:44:39 -0300
4Subject: Add OPENSSL_PREFER_CHACHA_OVER_GCM option
5
6This enables a compile-time option to prefer ChaCha20-Poly1305 over
7AES-GCM in the openssl default ciphersuite, which is useful in systems
8without AES specific CPU instructions.
9OPENSSL_PREFER_CHACHA_OVER_GCM must be defined to enable it.
10
11Note that this does not have the same effect as the
12SL_OP_PRIORITIZE_CHACHA option, which prioritizes ChaCha20-Poly1305 only
13when the client has it on top of its ciphersuite preference.
14
15Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
16
17--- a/ssl/ssl_ciph.c
18+++ b/ssl/ssl_ciph.c
19@@ -1506,11 +1506,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
20 ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head,
21 &tail);
22
23+ /*
24+ * If OPENSSL_PREFER_CHACHA_OVER_GCM is defined, ChaCha20_Poly1305
25+ * will be placed before AES-256. Otherwise, the default behavior of
26+ * preferring GCM over CHACHA is used.
27+ * This is useful for systems that do not have AES-specific CPU
28+ * instructions, where ChaCha20-Poly1305 is 3 times faster than AES.
29+ * Note that this does not have the same effect as the SSL_OP_PRIORITIZE_CHACHA
30+ * option, which prioritizes ChaCha20-Poly1305 only when the client has it on top
31+ * of its ciphersuite preference.
32+ */
33+
34+#ifdef OPENSSL_PREFER_CHACHA_OVER_GCM
35+ ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20, 0, 0, 0, CIPHER_ADD, -1,
36+ &head, &tail);
37+ ssl_cipher_apply_rule(0, 0, 0, SSL_AESGCM, 0, 0, 0, CIPHER_ADD, -1,
38+ &head, &tail);
39+#else
40 /* Within each strength group, we prefer GCM over CHACHA... */
41 ssl_cipher_apply_rule(0, 0, 0, SSL_AESGCM, 0, 0, 0, CIPHER_ADD, -1,
42 &head, &tail);
43 ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20, 0, 0, 0, CIPHER_ADD, -1,
44 &head, &tail);
45+#endif
46
47 /*
48 * ...and generally, our preferred cipher is AES.
49@@ -1565,7 +1583,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
50 * Within each group, ciphers remain sorted by strength and previous
51 * preference, i.e.,
52 * 1) ECDHE > DHE
53- * 2) GCM > CHACHA
54+ * 2) GCM > CHACHA, reversed if OPENSSL_PREFER_CHACHA_OVER_GCM is defined
55 * 3) AES > rest
56 * 4) TLS 1.2 > legacy
57 *
58@@ -2236,7 +2254,13 @@ const char *OSSL_default_cipher_list(voi
59 */
60 const char *OSSL_default_ciphersuites(void)
61 {
62+#ifdef OPENSSL_PREFER_CHACHA_OVER_GCM
63+ return "TLS_CHACHA20_POLY1305_SHA256:"
64+ "TLS_AES_256_GCM_SHA384:"
65+ "TLS_AES_128_GCM_SHA256";
66+#else
67 return "TLS_AES_256_GCM_SHA384:"
68 "TLS_CHACHA20_POLY1305_SHA256:"
69 "TLS_AES_128_GCM_SHA256";
70+#endif
71 }
72--- a/include/openssl/ssl.h.in
73+++ b/include/openssl/ssl.h.in
74@@ -195,9 +195,15 @@ extern "C" {
75 * DEPRECATED IN 3.0.0, in favor of OSSL_default_ciphersuites()
76 * Update both macro and function simultaneously
77 */
78-# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
79- "TLS_CHACHA20_POLY1305_SHA256:" \
80- "TLS_AES_128_GCM_SHA256"
81+# ifdef OPENSSL_PREFER_CHACHA_OVER_GCM
82+# define TLS_DEFAULT_CIPHERSUITES "TLS_CHACHA20_POLY1305_SHA256:" \
83+ "TLS_AES_256_GCM_SHA384:" \
84+ "TLS_AES_128_GCM_SHA256"
85+# else
86+# define TLS_DEFAULT_CIPHERSUITES "TLS_AES_256_GCM_SHA384:" \
87+ "TLS_CHACHA20_POLY1305_SHA256:" \
88+ "TLS_AES_128_GCM_SHA256"
89+# endif
90 # endif
91 /*
92 * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always