Closed tmds closed 2 weeks ago
We currently only support AES GCM and this is implemented using the BCL AesGcm class. The underlying platform may not actually provide this algorithm (AesGcm.IsSupported returns false).
For chacha20-poly1305@openssh.com we'll use a managed .NET implementation so it is always available.
This will enable the library to work on the platforms where AES GCM is not supported.
While implementing this would be ideal, and now that BouncyCastle is a dependency it should be possible to achieve, AES GCM should be available on the three main platforms: Windows, Linux, and macOS. macOS seems to now have it available by default since .NET 8: https://learn.microsoft.com/en-us/dotnet/standard/security/cross-platform-cryptography#aes-gcm-and-chacha20poly1305-on-macos
Starting in .NET 8, .NET on macOS will use the Apple's CryptoKit framework for AES-GCM and ChaCha20Poly1305.
This is a modern cipher that we should support.
BCL does not include support for implementing this. We need separate Poly and ChaCha20 handling.
cc @jborean93
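
An added example (not the library's own code) of the failure mode discussed in this issue: when AesGcm.IsSupported is false and only AES GCM ciphers are implemented, the client has nothing to offer and negotiation fails, while a managed chacha20-poly1305@openssh.com keeps one AEAD cipher available. The class and method names, the AES GCM cipher names and the server list are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;

// Hypothetical helper for illustration; not the library's API.
static class CipherPreferences
{
    // Managed implementation, so it does not depend on the platform crypto library.
    const string ChaCha20Poly1305 = "chacha20-poly1305@openssh.com";
    static readonly string[] AesGcmCiphers = { "aes256-gcm@openssh.com", "aes128-gcm@openssh.com" };

    // Ciphers this client can actually run, in preference order.
    public static List<string> BuildClientList(bool aesGcmSupported, bool managedChaCha)
    {
        var list = new List<string>();
        if (aesGcmSupported) list.AddRange(AesGcmCiphers);   // needs platform support
        if (managedChaCha) list.Add(ChaCha20Poly1305);        // always available
        return list;
    }

    // RFC 4253 section 7.1: choose the first client algorithm the server also lists.
    public static string Negotiate(IReadOnlyList<string> client, IReadOnlyList<string> server)
    {
        var chosen = client.FirstOrDefault(c => server.Contains(c));
        if (chosen == null)
            throw new InvalidOperationException("No common cipher; client offered: [" + string.Join(",", client) + "]");
        return chosen;
    }

    static void Main()
    {
        // Constructed server list for illustration.
        string[] server = { "chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com" };

        Console.WriteLine("AesGcm.IsSupported on this platform: " + AesGcm.IsSupported);

        // Simulate a platform without AES GCM, before and after adding managed ChaCha20-Poly1305.
        foreach (bool managedChaCha in new[] { false, true })
        {
            var client = BuildClientList(aesGcmSupported: false, managedChaCha: managedChaCha);
            try { Console.WriteLine("negotiated: " + Negotiate(client, server)); }
            catch (InvalidOperationException e) { Console.WriteLine("failed: " + e.Message); }
        }
    }
}
```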