Page 1 of 1

CHACHA20-POLY1305 cipher

Posted: Fri Oct 15, 2021 11:32 am
by kevdog
Hi I'm using Viscosity 1.94 as an OpenVPN client connecting to an OpenVPN server running pfSense 2.5.2. I control both the server and client. I have installed on my MacBook openvpn 2.5.4 and I'm aware on pfSense openvpn = 2.5.4. I'm not sure what version of openvpn comes bundled with however.

I was configuring both client and server to use TLS 1.3 and was attempting use the data-cipher of CHACHA20-POLY1305 (I entered this under the data-ciphers option under advanced).

When trying to connect to remote server, viscosity just gives an error that CHACHA20-POLY1305 is unsupported. I'm not sure if this means on the client or server.

Within pfsense I have Data Encryption Algorithms of: CHACHA20-POLY1305, AES-256-GCM, AES-128-GCM. I believe the CHACHA20-POLY1305 cipher is supported since its listed as one of the available options.

Just trying to get some confirmation on whether CHACHA is supported with Viscosity.

Re: CHACHA20-POLY1305 cipher

Posted: Fri Oct 15, 2021 2:49 pm
by James
Hi kevdog,

Use of this cipher requires OpenVPN 2.5, which the latest Viscosity beta version supports. You can find instructions in the article below for how to use the latest beta version:
https://www.sparklabs.com/support/kb/ar ... -versions/

We expect to have version 1.10 fully released once macOS 12 comes out of beta.

Cheers,
James

Re: CHACHA20-POLY1305 cipher

Posted: Fri Oct 15, 2021 11:52 pm
by kevdog
Thanks for info -- I just went ahead and starting using viscosity's beta version and all is well. Thanks for information.