On 7 February 2018 at 11:45, Andrew Cagney <andrew.cag...@gmail.com> wrote:
> On 7 February 2018 at 10:41, Franziskus Kiefer <fkie...@mozilla.com> wrote:
>> You should probably try to detect this at runtime.
>> At compile time you can simply check if SEC_OID_CURVE25519 exists and fail
>> (or do something else) if it doesn't.

If SEC_OID_CURVE25519 was a #define then a build time test would be
easy.  Alas, it's an enum.
So without sucking in autoconf, is there some official proxy for this.
If all else fails there should be a version number in the header.

>> At runtime you could try using SEC_OID_CURVE25519 (with your own define to
>> 355) and have a fallback if NSS gives you an error on using it.

While NSS has what I'll loosely describe as its ABI guarantee and this
magic should work.  I'd rather to not go there.

I'm more comfortable with building against version X and only accept
version >=X at runtime.

dev-tech-crypto mailing list

Reply via email to