On 1/17/24 00:53, Hopkins, Andrew wrote: > AWS-LC recently plumbed support for ChaChaPoly and AES CCM through the > existing EVP_CIPHER API that HAProxy uses in > https://github.com/aws/aws-lc/pull/1311 and > https://github.com/aws/aws-lc/pull/1373. Do you need support for just the > cipher EVP_chacha20?
Yes, EVP_chacha20 is required to protect the QUIC packet header (so without AAD and with a longer IV length compared to EVP_chacha20_poly1305. About TLS_AES_128_CCM_SHA256, I have noticed that it is disabled by aws-lc during TLS 1.3 QUIC sessions. Even when I set the default ciphersuites as mentionned in my previous mail. This is done by a call to SSL_CTX_set_ciphersuites(). I have not found any TLS_AES_128_CCM_SHA256 strings into aws-lc source code. So, I guess this is the root cause of this issue.
