Howto implement chacha20-poly1305?
Stef Bon
stefbon at gmail.com
Sun Dec 11 18:34:28 CET 2016
2016-12-04 13:29 GMT+01:00 Stef Bon <stefbon at gmail.com>:
>>
>> Does this help you?
>>
>
Well it takes longer for me to implement. My client software uses a
generic decrypt function which decrypts the incoming message and then
compares the mac.
It also is able to wait for additional chunks of data. The server
sometimes sends the data not in one, but in different parts.
It's complicated since chacha20-poly1305 at openssh.com does things different.
For example the mac is compared when the message is still encrypted,
while the "normal" order is first decrypt and then compare the mac.
(which is also described in
https://tools.ietf.org/html/rfc4253#section-6.4 )
Stef
More information about the Gcrypt-devel
mailing list