Dmitry Belyavskiy
Dmitry Belyavskiy
A follow-up to #21355
I believe that we may have both exportable keys (that can be made compatible with the byte array export/import operation) and non-exportable (we got an opaque object from the provider...
> So, listening to what's been said, it sounds like an EVP_SKEY would conceptually be a union of "a bunch of bytes" (with no particular algorithm in mind) and a...
Thanks for the clarification! I totally agree with the expanded explanation.
@levitte @t8m I incorporated your comments into the updated version of the document, feel free to raise the concerns
I still wonder if we shouldn't throw it away an use EVP_PKEY instead :)
Pushed an updated version.
Some param names to be standardized: - algorithm name - key length - key representation on export (raw/wrapped/handle)
Superseded by #25908
> If I understand correctly, this is already possible (*) by using the EVP_CIPHER_CTX_get_updated_iv() API and the raw key; EVP_CipherInit() using the "updated" IV would then be able to resume...