mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeremy Norris (Jira)" <j...@apache.org>
Subject [jira] [Commented] (SSHD-1017) Add support for chacha20-poly1305@openssh.com
Date Mon, 19 Oct 2020 14:40:00 GMT

    [ https://issues.apache.org/jira/browse/SSHD-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17216775#comment-17216775
] 

Jeremy Norris commented on SSHD-1017:
-------------------------------------

FYI, I was able to put together an implementation of this for the [JSch fork on Github|https://github.com/mwiede/jsch].

It was a bit tricky: it uses a combination of ChaCha20 fromĀ [JEP 329|http://openjdk.java.net/jeps/329]
combined with a standalone implementation of Poly1305 from [OpenJAX|https://github.com/openjax/security].

It's not possible to use the combined ChaCha20-Poly1305 implementation from JEP 329, since
OpenSSH doesn't follow the [RFC 7539|https://tools.ietf.org/html/rfc7539] standard for this,
and JEP 329 doesn't allow for instantiating a standalone instance of just Poly1305.

> Add support for chacha20-poly1305@openssh.com
> ---------------------------------------------
>
>                 Key: SSHD-1017
>                 URL: https://issues.apache.org/jira/browse/SSHD-1017
>             Project: MINA SSHD
>          Issue Type: New Feature
>            Reporter: Matt Sicker
>            Priority: Major
>
> See [protocol details|https://github.com/openbsd/src/blob/master/usr.bin/ssh/PROTOCOL.chacha20poly1305].
> * [RFC 7539|https://tools.ietf.org/html/rfc7539] describes the ChaCha20-Poly1305 algorithm.
> * [Dropbear implementation|https://github.com/mkj/dropbear/blob/master/chachapoly.c]
> * [OpenSSH implementation|https://github.com/openbsd/src/blob/master/usr.bin/ssh/cipher-chachapoly-libcrypto.c]
> The cipher is provided by Bouncycastle.
> As a bonus, this could potentially be adapted to propose an equivalent AES/GCM cipher
encoding to how OpenSSH implements this ChaCha20-Poly1305 cipher.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org


Mime
View raw message