The libssh2 story · Issue #648 · libgit2/objective-git (original) (raw)

I'm filing that here for ease of documentation (since macOS is obviously the biggest user of the SecureTransport/CommonCrypto "backend" combination in libgit2-land).

The reference implementation I started with is here, and I have a rebased but not-working libssh2 branch of it here.

The current problem with that implementation is that it depends on this header for its BigNum implementation, which (might) mean a definitive NACK when iOS-ing. Also, there's a vague and "concerning" comment (hence the might).

Additionally, libssh2 recently changed its crypto layer a year ago so that backends now are responsible for doing the DH computations themselves (which either requires BigNum, or could be implemented using another private header.