Re: OpenSSL 1.1 support status : what next?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Emmanuel,

The task becomes an "XKCD problem" only because you define the problem in terms of support for every conceivable crypto library. In practice there are only libraries a few in common use with SSH (e.g. openssl, libressl). If you define the task in terms of providing an abstraction that is able to support these common crypto libraries (with some measure of forward compatiblity) the task becomes more manageable. In most cases a crypto api function can be defined in terms of an opaque state variable, a state type variable, input, input size, output, output size and a return value.

Any thing would be better than having #ifdef's scattered throughout the code.

Regards,

George.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux