wolfcrypt-py icon indicating copy to clipboard operation
wolfcrypt-py copied to clipboard
verified publisher icon wolfSSL

Feature request: add support for AES-EAX and CHACHA20-POLY1305 ciphers

Open pakal opened this issue 1 year ago • 2 comments

The title says it all, other AES modes and bare CHACHA20 are already supported by wolfcrypt-py, but not these (or AES-XTS either) B-)

Thanks for the nice crypto lib!

pakal avatar Jun 05 '24 12:06 pakal

Hi @pakal ,

We support it in wolfCrypt, so adding it in the wrapper should be fairly easy.

Can you tell us more about your use case and need for AES-EAX in our python wrapper? I'm curious what is driving the need for EAX mode. If we can understand your use-case and need then we can prioritize getting it assigned.

Thanks, David Garske, wolfSSL

dgarske avatar Jun 05 '24 14:06 dgarske

Hello David, thanks for your inputs,

our use case is a bit unusual, because we're investigating porting a flexible multi-cipher cryptosystem (https://github.com/WitnessAngel/witness-angel-cryptolib) to the embedded world ; the goal is to mix different types of algorithmes and modes, to make encrypted containers resistant even if one of these ciphers one day happens to have a serious flaw / misuse.

AES-EAX and CHACHA20-POLY1305 are just part of the ciphers we had cherry-picked, for their builtin Authentication feature compared to ex. AES-CBC (although CBC+MAC would also have done the job).

So it's not a "roadblock", but overall being able to play with ALL of Wolfcrypt from Python before C-integration is an awesome luxury, e.g. to ensure compatibility of ciphertexts with the existing Pycryptodome-based implementation of our cryptosystem. And if incompatibilities appear, it would allow us to switch all of the implementations to (wrapped) Wolfcrypt ones.

pakal avatar Jun 06 '24 07:06 pakal

Hi @pakal. Poly/Chacha has been implemented in PR #64

danielinux avatar Sep 27 '24 12:09 danielinux

Thanks a lot!

pakal avatar Oct 08 '24 11:10 pakal