Feature request: Add support for eXtended-nonce ChaCha (AEAD_XChaCha20_Poly1305)

bcgit / bc-java

Bouncy Castle Java Distribution (Mirror)

https://www.bouncycastle.org/java.html

MIT License

2.28k stars 1.13k forks source link

Feature request: Add support for eXtended-nonce ChaCha (AEAD_XChaCha20_Poly1305) #631

Open bdemers opened 4 years ago

bdemers commented 4 years ago

https://tools.ietf.org/html/draft-irtf-cfrg-xchacha-01#section-2

AEAD_XChaCha20_Poly1305

   XChaCha20-Poly1305 is a variant of the ChaCha20-Poly1305 AEAD
   construction as defined in [RFC7539] that uses a 192-bit nonce
   instead of a 96-bit nonce.

bdemers commented 4 years ago

It might be possible to extend/tweak org.bouncycastle.crypto.modes.ChaCha20Poly1305) to take in the NONCE_SIZE in a constructor (or package private constructor)

alexdupre commented 3 years ago

Given that there is already the implementation of XSala20 and ChaCha20-Poly1305 in BC, it shouldn't be too complex to add it. I've found some experiments with BC.NET in the following url, but it cannot be imported as is: https://www.scottbrady91.com/C-Sharp/XChaCha20-Poly1305-dotnet It'd be a nice addition.

Traderjoe95 commented 3 years ago

I address this in PR #957. The implementation really wasn't that much work along the lines of XSalsa20Engine