[ https://issues.apache.org/jira/browse/SSHD-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17216775#comment-17216775
]
Jeremy Norris commented on SSHD-1017:
-------------------------------------
FYI, I was able to put together an implementation of this for the [JSch fork on Github|https://github.com/mwiede/jsch].
It was a bit tricky: it uses a combination of ChaCha20 fromĀ [JEP 329|http://openjdk.java.net/jeps/329]
combined with a standalone implementation of Poly1305 from [OpenJAX|https://github.com/openjax/security].
It's not possible to use the combined ChaCha20-Poly1305 implementation from JEP 329, since
OpenSSH doesn't follow the [RFC 7539|https://tools.ietf.org/html/rfc7539] standard for this,
and JEP 329 doesn't allow for instantiating a standalone instance of just Poly1305.
> Add support for chacha20-poly1305@openssh.com
> ---------------------------------------------
>
> Key: SSHD-1017
> URL: https://issues.apache.org/jira/browse/SSHD-1017
> Project: MINA SSHD
> Issue Type: New Feature
> Reporter: Matt Sicker
> Priority: Major
>
> See [protocol details|https://github.com/openbsd/src/blob/master/usr.bin/ssh/PROTOCOL.chacha20poly1305].
> * [RFC 7539|https://tools.ietf.org/html/rfc7539] describes the ChaCha20-Poly1305 algorithm.
> * [Dropbear implementation|https://github.com/mkj/dropbear/blob/master/chachapoly.c]
> * [OpenSSH implementation|https://github.com/openbsd/src/blob/master/usr.bin/ssh/cipher-chachapoly-libcrypto.c]
> The cipher is provided by Bouncycastle.
> As a bonus, this could potentially be adapted to propose an equivalent AES/GCM cipher
encoding to how OpenSSH implements this ChaCha20-Poly1305 cipher.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org
|