Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for aesXXX-gcm@openssh.com ciphers #217

Closed
markspeters opened this issue Oct 28, 2015 · 6 comments · Fixed by #630
Closed

Support for aesXXX-gcm@openssh.com ciphers #217

markspeters opened this issue Oct 28, 2015 · 6 comments · Fixed by #630
Labels
feature
Milestone
0.17.0

Comments

@markspeters
Copy link

SSHJ should add support for the following ciphers:

I believe these ciphers are provided by the BouncyCastle and Java 8 security providers.
@hierynomus hierynomus added this to the 0.16.0 milestone Feb 24, 2016
@hierynomus hierynomus modified the milestones: 0.16.0, 0.17.0 Apr 11, 2016
@kdvolder
Copy link

The server I'm trying to connect to only supports chacha20-poly1305@openssh.com and aes128-gcm@openssh.com.

So can't use SSHJ to connect to it. It would really help if sshj supported these ciphers out of the box.

I wonder if there is a way for me to add this kind of cypher support myself? e.g. via some special configuration options?

@hierynomus
Copy link
Owner

@kdvolder Normally I'd say yes, unfortunately, the GCM ciphers and chacha20-poly1305 should be implemented as they influence how the package needs to be decoded and encoded. The packet formats are slightly different. Implementing this is something that has been on my todo list for quite some time indeed.

@kdvolder
Copy link

Thanks for the response. I'll take your word for that as I know very little about how any of these cipher's work. Luckily for us I was able to convince someone who has control over this at the server's side to loosen up a bit and add a few more cypher's that sshj does support out of the box.

Still would be nice if sshj supported them, but at least my problem is solved for now.

@vishva-shah
Copy link

@hierynomus,
Greetings. Can you please confirm when can we expect SSHJ support for the GCM ciphers and chacha20-poly1305, out of the box?
Thanks.

@savchenko
Copy link

Just a heads-up, this affects Cyberduck and Mountain Duck as Iterate is using this implementation in both.

@TranceLove
Copy link
Contributor

TranceLove commented Sep 5, 2020
edited
Loading

As a developer of Amaze File Manager I had been using sshj to do SFTP since 2018 ;) and we have requests to add support for AES-GCM ciphers too.

I have ported Apache MINA-SSHD's AES-GCM support to sshj, after seeing their recent PR apache/mina-sshd#132 by @jvz. It connects to OpenSSH and MINA-SSHD current master when restricting ciphers to aes-gcm128@openssh.com or aes256-gcm@openssh.com.

Let me do some more tests (as Decoder and Encoder had been modified to accommodate AES-GCM ciphers) and I will submit a PR within a few weeks away.

@TranceLove TranceLove mentioned this issue Sep 7, 2020
Merged
hierynomus pushed a commit that referenced this issue Sep 9, 2020
@TranceLove
Implement AES-GCM cipher support (#630)
143069e 
* Implement AES-GCM cipher support

Fixes #217.

A port of AES-GCM cipher support from Apache MINA-SSHD, based on apache/mina-sshd#132.

Included tests for decoding SSH packets sent from Apache MINA-SSHD and OpenSSH (Version 7.9p1 as used by Debian 10).

Manual tests also done on OpenSSH server 7.9p1 running Debian 10 with its available ciphers, including 3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com and aes256-gcm@openssh.com.

* Changes per PR feedback

- Fixed variable/statement whitespaces and add back missing braces per coding standard requirement
- Moved Buffer.putLong() and Buffer.getLong() into GcmCipher.CounterGCMParameterSpec since it's the only user
- Moved BaseCipher.authSize into GcmCipher since it is the only cipher that would return a non-zero. BaseCipher will keep return 0 instead
- Made BaseCipher.cipher protected instead of making it publicly accessible
- Combined the three decoding modes in Decoder.decode() into one single method, to reduce code duplication
- Added integration test for the ciphers, along with the newly implemented AES-GCM ciphers
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
0.17.0
Development

Successfully merging a pull request may close this issue.

Implement AES-GCM cipher support
6 participants
@hierynomus @TranceLove @savchenko @kdvolder @markspeters @vishva-shah