Subject: Re: libssh2 crypto back-ends: need for bignum access

From: Peter Stuge <peter_at_stuge.se>
Date: Mon, 28 Nov 2016 01:51:38 +0000

Chris Hanson wrote:
> I was wondering if someone who has an understanding of libssh2
> crypto back-end implementation could describe why it needs access
> to the crypto system’s bignum implementation.

The SSH 2 protocol sends "mpint" values in various messages.

See RFC 4251 5. on bottom of page 8 for the wire format.

The ssh-dss public key format is REQUIRED, and ssh-rsa is RECOMMENDED,
by RFC 4253 6.6. on pages 13-14.

Finally, RFC 4253 8. also uses mpint in the DH key exchange. Search
for SSH_MSG_KEXDH_INIT and SSH_MSG_KEXDH_REPLY.

> whether this is actually necessary to implement the SSHv2 protocol
> correctly/securely.

Yes.

> If there’s a real need to expose this for a correct implementation,
> I’d like to file a bug with Apple that contains a detailed
> justification.

Cool. RFC 4251 and 4253 are good references. See also RFC 4419.

//Peter
Received on 2016-11-28