From 99d0ac7dea9aa31d0f55731128f670205493373a Mon Sep 17 00:00:00 2001 From: brent s Date: Mon, 2 May 2022 04:15:31 -0400 Subject: [PATCH] Update 'README.md' --- README.md | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index cf96dca..648684d 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,22 @@ -# go_chacha20poly1305_openssh +# cc20p1305ssh -A variant of ChaCha20-Poly1305 that OpenSSH uses -("chacha20-poly1305@openssh.com"). \ No newline at end of file +A Golang library variant of ChaCha20-Poly1305 that OpenSSH uses ("chacha20-poly1305@openssh.com"). + +Note that this module *only* supports the OpenSSH variant. + +## Why is this necessary? + +Because Golang.org/x/crypto [removes functionality](https://github.com/golang/go/issues/36646) (even for [very common tech](https://github.com/golang/go/issues/44226)) and thinks OpenSSH is a "weird" use case. + +They have no decent support for OpenSSH keys or lower-level operations. And guess what -- sometimes you need lower-level functionality. Who knew? + +## Why don't you expose the rest of ChaCha20/Poly1305/ChaCha20-Poly1305? + +* To keep code light (and thus easier to debug, audit, etc.) +* Because otherwise the module name is inaccurate +* Because OpenSSH has their own specific variant + * Which means we can handle SSH-specific functionality if needed +* Because Golang/x/crypto has made it painfully clear that if you want something that deviates from what they think is "best practice", you need to do it yourself + + +Based on [golang.org/x/crypto/chacha20poly1305](https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305) (source specifically forked from [chacha20poly1305](https://cs.opensource.google/go/x/crypto/chacha20poly1305), [chacha20](https://cs.opensource.google/go/x/crypto/chacha20), and [poly1305](https://cs.opensource.google/go/x/crypto/internal/poly1305])), sliced, diced, and ripped to pieces.
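Review bot: The poly1305 link on the last added line has a stray `]` inside its URL (`.../x/crypto/internal/poly1305])`), so the target is wrong as rendered; drop the bracket so the target ends at `/internal/poly1305`. The same "Based on" paragraph says the source was forked from chacha20poly1305, chacha20 and poly1305 but does not record which upstream revision it was taken from. For a forked crypto package that makes it hard to audit the fork or to tell which later upstream fixes still need porting, so name the commit or module version there. The bullet "Because OpenSSH has their own specific variant" would also be more useful with one sentence, or a link to OpenSSH's own description, on how the variant differs, since the README states that the module supports only that variant.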