ssh-cipher: add ChaCha20Poly1305 packet encryption example#559
Merged
Conversation
The `ChaCha20Poly1305` type provided by this crate just implements the AEAD portion of the full construction. In a packet encryption context, ChaCha20Poly1305 is keyed by a 512-bit key consisting of two independent 256-bit ChaCha20 keys: one used for length encryption with the unauthenticated `ChaCha20`, and the other for authenticating the length ciphertext along with a body using the full `ChaCha20Poly1305` AEAD. This adds a code example showing how that can be done using only types imported from `ssh-cipher` and no additional dependencies. We could eventually wrap this up into a higher level API provided by `ssh-cipher` implementing this functionality, but for now a simple code example seems more flexible as far as the need to interleave length decryption with decoding the packet.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The
ChaCha20Poly1305type provided by this crate just implements the AEAD portion of the full construction.In a packet encryption context, ChaCha20Poly1305 is keyed by a 512-bit key consisting of two independent 256-bit ChaCha20 keys: one used for length encryption with the unauthenticated
ChaCha20, and the other for authenticating the length ciphertext along with a body using the fullChaCha20Poly1305AEAD.This adds a code example showing how that can be done using only types imported from
ssh-cipherand no additional dependencies.We could eventually wrap this up into a higher level API provided by
ssh-cipherimplementing this functionality, but for now a simple code example seems more flexible as far as the need to interleave length decryption with decoding the packet.