twisted / twisted

Event-driven networking engine written in Python.
https://www.twisted.org

Add support for AES-GCM based ciphers to conch #6967

Open twisted-trac opened 10 years ago

twisted-trac commented 10 years ago
Alex reported
Trac ID trac#6967
Type enhancement
Created 2014-02-11 23:02:58Z

There are two approaches to doing so. One is as standardized in RFC 5647 (https://tools.ietf.org/html/rfc5647). The other is as implemented in OpenSSH (https://github.com/openssh/openssh-portable/blob/868ea1ea1c1bfdbee5dbad78f81999c5983ecf31/PROTOCOL#L82). Note that OpenSSH does not actually expose the ciphers from the RFC at all.

adiroiban commented 1 month ago

As an initial proof of concept, I went in #12187 and implemented only the OpenSSH.com variant.

From what I can see "in the wild" all major SFTP servers are implementing the openssh.com variant, without support for the RFC spec.

If anyone is interested in this, please check the code and send your feedback.

The current code from the PR is not nice, but it works.
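
Added example, not part of the issue thread or of the PR's code: a sketch of where the OpenSSH variant linked in the report departs from RFC 5647. Per OpenSSH's PROTOCOL file, AES-GCM is negotiated only as a cipher name and the exchanged MAC lists are then ignored; the 12-byte nonce handling follows RFC 5647. All function names are hypothetical.

```python
# Added illustration; not Twisted/Conch or OpenSSH code. Names are hypothetical.
import struct

AEAD_CIPHERS = {b"aes128-gcm@openssh.com", b"aes256-gcm@openssh.com"}


def first_match(client, server):
    """RFC 4253 section 7.1: first client algorithm the server also lists."""
    for name in client:
        if name in server:
            return name
    return None


def negotiate(client_ciphers, server_ciphers, client_macs, server_macs):
    """Return (cipher, mac) for one direction; mac is None for AES-GCM."""
    cipher = first_match(client_ciphers, server_ciphers)
    if cipher is None:
        raise ValueError("no common cipher")
    if cipher in AEAD_CIPHERS:
        # OpenSSH variant: the GCM tag authenticates the packet, so the
        # MAC name-lists are ignored and need not have a common entry.
        return cipher, None
    mac = first_match(client_macs, server_macs)
    if mac is None:
        raise ValueError("no common MAC")
    return cipher, mac


def next_nonce(nonce):
    """RFC 5647 section 7.1: 4-byte fixed field + 8-byte invocation counter.

    The counter is incremented after every binary packet; the fixed field
    never changes.
    """
    if len(nonce) != 12:
        raise ValueError("AES-GCM nonce must be 12 bytes")
    fixed = nonce[:4]
    counter = struct.unpack(">Q", nonce[4:])[0]
    # 64-bit integer arithmetic, so the counter wraps modulo 2**64.
    return fixed + struct.pack(">Q", (counter + 1) % 2**64)
```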