[jira] [Work logged] (SSHD-1017) Add support for chacha20-poly1305@openssh.com

Fri, 14 May 2021 11:34:26 -0700 


     [ 
https://issues.apache.org/jira/browse/SSHD-1017?focusedWorklogId=596828&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-596828
 ]

ASF GitHub Bot logged work on SSHD-1017:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 14/May/21 18:33
            Start Date: 14/May/21 18:33
    Worklog Time Spent: 10m 
      Work Description: jvz commented on a change in pull request #176:
URL: https://github.com/apache/mina-sshd/pull/176#discussion_r632719666



##########
File path: sshd-core/src/main/java/org/apache/sshd/common/BaseBuilder.java
##########
@@ -70,6 +70,7 @@
      */
     public static final List<BuiltinCiphers> DEFAULT_CIPHERS_PREFERENCE = 
Collections.unmodifiableList(
             Arrays.asList(
+                    // BuiltinCiphers.cc20p1305_openssh, // TODO: enable by 
default when BouncyCastle available

Review comment:
       The copy of ChaCha I'm thinking of is one I wrote in the first place 
based on the public domain reference implementation. However, if there's a 
clean way to simply require BouncyCastle to enable this cipher, then we can 
avoid any additional cipher code being copied. As I mentioned before, the main 
problem here is that OpenSSH decided to use a pre-standardized version of 
ChaCha20-Poly1305 which works slightly differently than the one bundled with 
Java 11+.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 596828)
    Time Spent: 2h  (was: 1h 50m)

> Add support for chacha20-poly1...@openssh.com
> ---------------------------------------------
>
>                 Key: SSHD-1017
>                 URL: https://issues.apache.org/jira/browse/SSHD-1017
>             Project: MINA SSHD
>          Issue Type: New Feature
>            Reporter: Matt Sicker
>            Priority: Major
>          Time Spent: 2h
>  Remaining Estimate: 0h
>
> See [protocol 
> details|https://github.com/openbsd/src/blob/master/usr.bin/ssh/PROTOCOL.chacha20poly1305].
> * [RFC 7539|https://tools.ietf.org/html/rfc7539] describes the 
> ChaCha20-Poly1305 algorithm.
> * [Dropbear 
> implementation|https://github.com/mkj/dropbear/blob/master/chachapoly.c]
> * [OpenSSH 
> implementation|https://github.com/openbsd/src/blob/master/usr.bin/ssh/cipher-chachapoly-libcrypto.c]
> The cipher is provided by Bouncycastle.
> As a bonus, this could potentially be adapted to propose an equivalent 
> AES/GCM cipher encoding to how OpenSSH implements this ChaCha20-Poly1305 
> cipher.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

Reply via email to