Hello, I'm exploring how to implement custom engine, and can't undestand the purpose of EVP_PKEY_derive() function. It is possible to set pointer to it's implementation using EVP_PKEY_meth_set_derive() call.
But it used only in *pkeyutl* command. It is not used in SSL handshake. The only engine which set it is "ccgost", but as I understand in not used at all. According to pkeyutl command documentation it is used for "key derivation (agreement) operations". Could please anyone explain, what it is designed for, and according to which standard it should be implemented in new engine? Is it required at all? Andrey.