Re: [Openvpn-devel] [PATCH 6/7] ovpn-dco-win: introduce windows data-channel offload support

[Frank Lichtenheld]

> Antonio Quartulli <a...@unstable.cc> hat am 02.04.2022 09:09 geschrieben:
[...]
> diff --git a/README.dco.md b/README.dco.md
> index 27c166b9..d3599727 100644
> --- a/README.dco.md
> +++ b/README.dco.md
> @@ -109,6 +116,8 @@ Limitations by design
>  - topology subnet is the only supported `--topology` for servers
>  - iroute directives install routes on the host operating system, see also
>    routing with ovpn-dco
> +- (ovpn-dco-win) client and p2p mode only
> +- (ovpn-dco-win) only AES-GCM-128/192/256 cipher support

This seems to be out-of-sync with the code. The code seems to add 
CHACHA20-POLY1305 support
on Windows 11.

As seen here:
> +
> +const char *
> +dco_get_supported_ciphers()
> +{
> +    /*
> +     * this API can be called either from user mode or kernel mode,
> +     * which enables us to probe driver's chachapoly support
> +     * (available starting from Windows 11)
> +     */
> +
> +    BCRYPT_ALG_HANDLE h;
> +    NTSTATUS status = BCryptOpenAlgorithmProvider(&h, L"CHACHA20_POLY1305", 
> NULL, 0);
> +    if (BCRYPT_SUCCESS(status))
> +    {
> +        BCryptCloseAlgorithmProvider(h, 0);
> +        return "AES-128-GCM:AES-256-GCM:AES-192-GCM:CHACHA20-POLY1305";
> +    }
> +    else
> +    {
> +        return "AES-128-GCM:AES-256-GCM:AES-192-GCM";
> +    }
> +}
> +

Regards,
--
Frank Lichtenheld


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel