warren/markbase
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

perf(ssh): Remove ChaCha20-Poly1305 algorithm (AES-GCM already achieves 100 MB/s)

Browse Source
This commit is contained in:
Warren
2026-06-19 23:36:47 +08:00
parent 5f61ebd328
commit 00767c1d26
5 changed files with 212 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
markbase-core/src/ssh_server/server.rs
View File

@@ -306,12 +306,15 @@ fn perform_complete_kex_exchange(
let session_keys = kex_state.exchange_handler.compute_session_keys()?;
let mut encryption_ctx = EncryptionContext::from_session_keys(&session_keys);
// Phase 1: 根据 KEX 协商结果设置加密模式AES-GCM vs AES-CTR
// Phase 1+5: 根据 KEX 协商结果设置加密模式(ChaCha20-Poly1305 / AES-GCM / AES-CTR
let encryption_algorithm = &kex_result.encryption_stoc;
info!("KEX negotiated encryption algorithm: {}", encryption_algorithm);
use crate::ssh_server::cipher::CipherMode;
if encryption_algorithm.contains("gcm") {
if encryption_algorithm.contains("chacha20") {
info!("Setting cipher mode to ChaCha20-Poly1305 (AEAD)");
encryption_ctx.set_cipher_mode(CipherMode::ChaChaPoly)?;
} else if encryption_algorithm.contains("gcm") {
info!("Setting cipher mode to AES-GCM (AEAD)");
encryption_ctx.set_cipher_mode(CipherMode::AesGcm)?;
} else {