[ https://issues.apache.org/jira/browse/SSHD-506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17109564#comment-17109564 ]
Matt Sicker commented on SSHD-506:
----------------------------------

Yup, it's not as simple an update as some of the other SSH RFCs. Thus, it has taken longer than a day for a proof of concept (I still seem to have a few off-by-1-ish errors in my modifications right now), but I hope to figure it out with some added logging to figure out what I'm doing wrong.

There is one particularly tricky design issue here with the Mina interface for Cipher. In order to use GCM, we need to finalize and initialize the cipher at the end of each packet. The other modes never finalize the cipher until a rekey event takes place (which still technically never calls {{doFinal}}), thus no new IVs are ever needed until said rekey event. In GCM, we need to re-initialize the cipher for each packet with the appropriate nonce/IV.

Based on my reading of the standard, what I think happens is that we use the agreed-upon IVs as our initial nonce, but then we overwrite the invocation counter octets with the corresponding packet sequence number. Once I can get something working in a unit test at least, I can then try it out with OpenSSH to verify my assumptions.
> Add support for aes128/256-gcm ciphers
> --------------------------------------
>
>                 Key: SSHD-506
>                 URL: https://issues.apache.org/jira/browse/SSHD-506
>             Project: MINA SSHD
>          Issue Type: Improvement
>            Reporter: Lyor Goldstein
>            Priority: Major
>
> See:
> * [rfc5647|https://tools.ietf.org/html/rfc5647]
> * [draft-igoe-secsh-aes-gcm-01|https://tools.ietf.org/html/draft-igoe-secsh-aes-gcm-01]
> * [OpenSSH v6.2|http://www.openssh.com/txt/release-6.2]
> * [JAVA AES 256 GCM encrypt/decrypt example|https://javainterviewpoint.com/java-aes-256-gcm-encryption-and-decryption/] - especially the usage of {{GCMParameterSpec}} to initialize the cipher
> * [OpenJDK 8 AESCipher.java source code|https://github.com/frohoff/jdk8u-dev-jdk/blob/master/src/share/classes/com/sun/crypto/provider/AESCipher.java]
> ** See also [CipherCore.java|https://github.com/frohoff/jdk8u-dev-jdk/blob/master/src/share/classes/com/sun/crypto/provider/CipherCore.java], [FeedbackCipher.java|https://github.com/frohoff/jdk8u-dev-jdk/blob/master/src/share/classes/com/sun/crypto/provider/FeedbackCipher.java], [GaloisCounterMode.java|https://github.com/frohoff/jdk8u-dev-jdk/blob/master/src/share/classes/com/sun/crypto/provider/GaloisCounterMode.java]

--
This message was sent by Atlassian Jira
(v8.3.4#803005)
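The per-packet re-initialisation discussed in the comment above, as an added example that is not MINA SSHD's code and not part of the original thread. It follows RFC 5647 section 7.1: the 12-octet nonce is a 4-octet fixed field followed by a 64-bit invocation counter, both taken from the KEX-derived IV, and the counter is incremented by one after each binary packet; the 4-octet packet_length is authenticated as additional data but not encrypted, and the tag is 16 octets. The class and method names (`GcmPacketCipher`, `encryptPacket`, `decryptPacket`, `currentNonce`) are this example's own, and the key and IV are constructed sample values standing in for the negotiated key material.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/**
 * Example (not MINA SSHD code): RFC 5647 AES-GCM packet handling for SSH.
 * The javax.crypto GCM cipher is re-initialised with a fresh GCMParameterSpec
 * for every packet; the nonce's last 8 octets form a 64-bit invocation counter
 * that advances by one after each packet.
 */
public final class GcmPacketCipher {
    public static final int TAG_BITS = 128;   // RFC 5647: 16-octet authentication tag
    public static final int NONCE_LEN = 12;   // 4 fixed octets + 8 counter octets

    private final SecretKey key;
    private final byte[] nonce;               // current nonce, mutated after each packet
    private final Cipher cipher;

    public GcmPacketCipher(byte[] keyBytes, byte[] initialIv) throws GeneralSecurityException {
        if (initialIv.length != NONCE_LEN) {
            throw new IllegalArgumentException("RFC 5647 requires a 12-octet IV");
        }
        this.key = new SecretKeySpec(keyBytes, "AES");
        this.nonce = initialIv.clone();
        this.cipher = Cipher.getInstance("AES/GCM/NoPadding");
    }

    /** Encrypts one packet body (padding_length || payload || padding) and returns
     *  ciphertext || tag. packet_length is supplied as AAD, never encrypted. */
    public byte[] encryptPacket(int packetLength, byte[] body) throws GeneralSecurityException {
        cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        cipher.updateAAD(lengthField(packetLength));
        byte[] out = cipher.doFinal(body);
        incrementInvocationCounter();
        return out;
    }

    /** Decrypts ciphertext || tag for the next expected packet. A wrong nonce, a
     *  tampered length field or a modified body all end in AEADBadTagException;
     *  in SSH that is fatal for the connection, so the counter is left untouched. */
    public byte[] decryptPacket(int packetLength, byte[] ciphertextAndTag) throws GeneralSecurityException {
        cipher.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        cipher.updateAAD(lengthField(packetLength));
        byte[] out = cipher.doFinal(ciphertextAndTag);
        incrementInvocationCounter();
        return out;
    }

    /** Copy of the nonce that the next packet will use. */
    public byte[] currentNonce() {
        return nonce.clone();
    }

    private static byte[] lengthField(int packetLength) {
        return ByteBuffer.allocate(4).putInt(packetLength).array();
    }

    /** Treats octets 4..11 as a big-endian 64-bit integer and adds one, carrying
     *  between octets; the fixed field in octets 0..3 is never touched. */
    private void incrementInvocationCounter() {
        for (int i = NONCE_LEN - 1; i >= 4; i--) {
            if (++nonce[i] != 0) {
                break;
            }
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values standing in for the KEX-derived key and IV.
        byte[] key = new byte[16];
        Arrays.fill(key, (byte) 0x42);
        byte[] iv = {0x00, 0x01, 0x02, 0x03, 0, 0, 0, 0, 0, 0, 0, (byte) 0xff};

        GcmPacketCipher sender = new GcmPacketCipher(key, iv);
        GcmPacketCipher receiver = new GcmPacketCipher(key, iv);

        byte[] body1 = "packet one".getBytes(StandardCharsets.UTF_8);
        byte[] body2 = "packet two".getBytes(StandardCharsets.UTF_8);
        byte[] c1 = sender.encryptPacket(body1.length, body1);
        byte[] c2 = sender.encryptPacket(body2.length, body2);

        // The counter carried 0x..00ff -> 0x..0100 -> 0x..0101 across the two packets.
        System.out.println("sender nonce after 2 packets: " + Arrays.toString(sender.currentNonce()));

        // In-order delivery: both packets verify and decrypt.
        System.out.println(new String(receiver.decryptPacket(body1.length, c1), StandardCharsets.UTF_8));
        System.out.println(new String(receiver.decryptPacket(body2.length, c2), StandardCharsets.UTF_8));

        // A receiver that sees packet two first is at the wrong counter value:
        // the tag does not verify, which is exactly how reordering is caught.
        GcmPacketCipher outOfOrder = new GcmPacketCipher(key, iv);
        try {
            outOfOrder.decryptPacket(body2.length, c2);
            System.out.println("unexpected: reordered packet accepted");
        } catch (AEADBadTagException e) {
            System.out.println("reordered packet rejected: tag check failed");
        }
    }
}
```

Two points worth noticing when wiring this into a `Cipher` abstraction that was designed around CBC/CTR: the GCM instance has no useful state between packets, so `init` plus `updateAAD` plus `doFinal` is the whole per-packet lifecycle, and the OpenJDK `CipherCore` linked in the issue refuses to re-initialise for encryption with the same key and IV it used last time, so a counter that fails to advance shows up immediately as an `InvalidAlgorithmParameterException` rather than as silent nonce reuse.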