Subject: Re: Added OS X Native Crypto Support

Re: Added OS X Native Crypto Support

From: Marc Hörsken <info_at_marc-hoersken.de>
Date: Mon, 5 Jan 2015 20:49:04 +0100

Hello Keith,

> Am 02.12.2014 um 16:34 schrieb Keith Duncan <keith.duncan_at_github.com>:
>
> Similar to the WinCNG crypto backend I’ve added support for using the OS X native crypto support as a libssh2 crypto backend.

thank you very much for creating this native crypto backend.

> https://github.com/keithduncan/libssh2 <https://github.com/keithduncan/libssh2>
Would you mind rebasing your work to the current master branch and keep it in a separate branch inside your repository so reviewing and rebasing becomes easier for me and the other people around here?
Thanks in advance.

> It looks like Nick Zitzmann also started a similar project in 2012 but discovered that there’s no public BigNum API in OS X http://lists.apple.com/archives/apple-cdsa/2012/Aug/msg00009.html <http://lists.apple.com/archives/apple-cdsa/2012/Aug/msg00009.html>
>
> I ran in to the same issue but went ahead and used the private BigNum API he references. For this reason I’m not sure that this would be a good candidate for submitting upstream. Then again perhaps it could serve as a compelling reason for the API to be made public if it would enable OS X native SSH2 crypto.

Instead of using a private API you could also try to use the RSA encryption method to perform the necessary big number operation, which currently is only modular exponentiation.
I used this approach to implement the native crypto backend on Windows, since it does not have a big number library either.
Please see the following email for more information: [1]
The implementation using RSA encryption can be found here: [2]

> I hope this is of interest, let me know if there’s any interest in a patch.

I would really like to see this merged the same way as the WinCNG backend was, because it would allow someone to build libssh2 and then also curl with ssh support using just the native crypto libraries.

Best regards,
Marc

[1] http://libssh2.org/mail/libssh2-devel-archive-2013-05/0011.shtml
[2] http://git.libssh2.org/?p=libssh2.git;a=blob;f=src/wincng.c;h=4a8aa164dc5bae227ae7534f86d33feeca987541;hb=HEAD;js=1#l1635

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2015-01-05