Closed tmds closed 2 weeks ago
tmds
commented
3 weeks ago We currently only support AES GCM and this is implemented using the BCL AesGcm class. The underlying platform may not actually provide this algorithm (Aes.Gcm.IsSupported returns false).
For chacha20-poly1305@openssh.com we'll use a managed .NET implementation so it is always available.
This will enable the library to work on the platforms where AES GCM is not supported.
jborean93
commented
3 weeks ago While implementing this would be ideal and now that BouncyCastle is a dependency it should be possible to achieve, AES GCM should be available on the three main platforms Windows, Linux, and macOS. MacOS seems to now have it available by default since .NET 8 https://learn.microsoft.com/en-us/dotnet/standard/security/cross-platform-cryptography#aes-gcm-and-chacha20poly1305-on-macos
Starting in .NET 8, .NET on macOS will use the Apple's CryptoKit framework for AES-GCM and ChaCha20Poly1305.
This is a modern cipher that we should support.
BCL does not include support for implementing this. We need a separate Poly and ChaCha20 handling.
cc @jborean93