BigNum support in CommonCrypto

Originator:samson.etienne
Number:rdar://38635282 Date Originated:March 19 2018, 10:33 PM
Status:Dupe/12144803/Open Resolved:
Product:macOS + SDK Product Version:N/A
Classification: Reproducible:
 
I'm contacting you as one of libgit2's developers. Here's a more detailed explanation of what's involved : https://github.com/libgit2/objective-git/issues/648

In short, libgit2 uses libssh2 its the ssh support, and libssh2 support currently has no support for CommonCrypto, which makes it a mess to use on iOS (since we need to compile our own OpenSSL). Someone started to work on a CommonCrypto backend for libssh2, but since it's crypto, we need BigNums, and the CommonBigNum.h header is marked as "SPI", with the following comment :

/*
 * This is an SPI - it isn't intended to be generally used.  If you 
 * intend to use this we strongly urge you to talk to someone in the
 * Information Security Group to see if there isn't an alternative
 * set of functions to implement your cryptographic needs.
 */

So, I'd like to have a more precise answer with regards to that comment, more precisely what's meant by "an alternative set of functions", as well as the obvious "does it mean it cannot be used on iOS because it's private API" ?

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!