Chris Hanson wrote:
> I was wondering if someone who has an understanding of libssh2
> crypto back-end implementation could describe why it needs access
> to the crypto system’s bignum implementation.

The SSH 2 protocol sends "mpint" values in various messages. See RFC 4251 5. on bottom of page 8 for the wire format. The ssh-dss public key format is REQUIRED, and ssh-rsa is RECOMMENDED, by RFC 4253 6.6. on pages 13-14. Finally, RFC 4253 8. also uses mpint in the DH key exchange. Search for SSH_MSG_KEXDH_INIT and SSH_MSG_KEXDH_REPLY.

> whether this is actually necessary to implement the SSHv2 protocol
> correctly/securely.

Yes.

> If there’s a real need to expose this for a correct implementation,
> I’d like to file a bug with Apple that contains a detailed
> justification.

Cool. RFC 4251 and 4253 are good references. See also RFC 4419.

//Peter
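
The mpint wire format from RFC 4251 section 5 that the reply points to, shown as an added example that is not part of the original message and is not libssh2's code. It converts between the wire form and the big-endian magnitude bytes a bignum library imports and exports. The names `mpint_encode` and `mpint_decode` are hypothetical, and rejecting negative and non-minimal encodings is a policy assumed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Encode a non-negative integer, given as big-endian magnitude bytes (the
 * form a bignum library exports), as an SSH mpint. Returns the number of
 * bytes written to out, or 0 if out is too small. */
size_t mpint_encode(const uint8_t *mag, size_t len, uint8_t *out, size_t cap)
{
    while (len > 0 && mag[0] == 0) { mag++; len--; }    /* drop leading zeros */
    size_t pad = (len > 0 && (mag[0] & 0x80)) ? 1 : 0;  /* keep sign bit clear */
    size_t n = len + pad;
    if (n > 0xffffffffu || cap < 4 || cap - 4 < n) return 0;
    out[0] = (uint8_t)(n >> 24); out[1] = (uint8_t)(n >> 16);
    out[2] = (uint8_t)(n >> 8);  out[3] = (uint8_t)n;
    if (pad) out[4] = 0;
    if (len) memcpy(out + 4 + pad, mag, len);
    return 4 + n;
}

/* Parse one mpint from received data. On success points *mag / *mlen at the
 * magnitude bytes inside buf and returns the bytes consumed. Returns 0 for a
 * truncated, negative or non-minimal encoding (this example's policy). */
size_t mpint_decode(const uint8_t *buf, size_t avail,
                    const uint8_t **mag, size_t *mlen)
{
    if (avail < 4) return 0;
    uint32_t n = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                 ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];
    if (n > avail - 4) return 0;                  /* length field overruns data */
    const uint8_t *p = buf + 4;
    if (n > 0 && (p[0] & 0x80)) return 0;         /* sign bit set: negative */
    if (n > 0 && p[0] == 0 && (n == 1 || !(p[1] & 0x80)))
        return 0;                                 /* unnecessary leading zero */
    size_t skip = (n > 0 && p[0] == 0) ? 1 : 0;   /* required sign padding */
    *mag = p + skip; *mlen = n - skip;
    return 4 + (size_t)n;
}

int main(void)
{
    const uint8_t v[] = { 0x80 };                 /* constructed sample value */
    uint8_t out[16];
    size_t n = mpint_encode(v, sizeof v, out, sizeof out);
    for (size_t i = 0; i < n; i++) printf("%02x ", out[i]);
    printf("\n");
    return 0;
}
```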