Dmitry Belyavskiy wrote:
[SNIP] I think it's doable if libressl has 1.1.1-style EVP API. It is possible to assign RSA/EC/DH to EVP_PKEY object and use EVP API afterwards in 1.1.1 and use the OSSL_PARAM_BLD for 3.0
1.1.1 API !??!?!?! PKIX-SSH uses EVP_PKEY and work-fine with even with ancient OpenSSL 0.9.7. EVP_PKEY is core functionality and so OpenSSL forks compatible with 1.0.2 API support such functionality as well!!!!!!! Note EVP_PKEY is SSLea , i.e. pre OpenSSL functionality! All outside EVP functionality was deprecated in OpenSSL 1.0.0 API. So who cares for 1.1.1 API? One day, perhaps in 2187 year, OpenBSD implementation will stop to use API deprecated in 1.0.0. Regards, Roumen Petrov -- Advanced secure shell implementation with X.509 certificate support http://roumenpetrov.info/secsh/ _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
