Emmanuel,
The task becomes an "XKCD problem" only because you define the problem
in terms of support for every conceivable crypto library. In practice
there are only libraries a few in common use with SSH (e.g. openssl,
libressl). If you define the task in terms of providing an abstraction
that is able to support these common crypto libraries (with some measure
of forward compatiblity) the task becomes more manageable. In most
cases a crypto api function can be defined in terms of an opaque state
variable, a state type variable, input, input size, output, output size
and a return value.
Any thing would be better than having #ifdef's scattered throughout the
code.
Regards,
George.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev