David Woodhouse wrote:
> The assumption in all the current engine code is that key_id can be
> passed as something like a file name.
This is mostly a documentation issue.
Usually OpenSSL man pages use filename for <KEY>, but actually it is just a string and the engine is responsible for how to process it.

> There are some new users that
> actually want to pass a BIO, so add a new load_key method for engines
> that takes a flag value.
The engine could use some URN formats for <KEY>. For instance, if <KEY> starts with file:/ the engine could try to load from the filesystem.

> The first defined flag is
> ENGINE_LOAD_KEY_FLAG_BIO which means that the key_id is actually a bio
> pointer.
I'm not sure that it is a good idea to pass pointers between loadable modules. It could be used if there is no alternative. In this case a URN format for <KEY> could inform the engine how to load the key.

[SNIP]

Regards,
Roumen Petrov
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
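
The key_id scheme dispatch suggested in the reply above, as an added example that is not code from this thread or from OpenSSL. The enum, the function names and the `pkcs11:` case are assumptions made for illustration; a string with an unknown scheme is refused instead of being treated as a path or a pointer.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical loader kinds for this example; these are not OpenSSL names. */
enum key_src { KEY_SRC_FILE, KEY_SRC_PKCS11, KEY_SRC_UNSUPPORTED, KEY_SRC_INVALID };

/* Length of an RFC 3986 scheme at the start of s
 * (ALPHA *(ALPHA / DIGIT / "+" / "-" / ".") followed by ':'), or 0 if none. */
static size_t scheme_len(const char *s)
{
    size_t i;

    if (!isalpha((unsigned char)s[0]))
        return 0;
    for (i = 1; s[i] != '\0'; i++) {
        if (s[i] == ':')
            return i;
        if (!isalnum((unsigned char)s[i]) && s[i] != '+' && s[i] != '-' && s[i] != '.')
            return 0;
    }
    return 0;
}

/* Classify key_id and point *rest at the part the chosen loader should use.
 * Scheme names are compared case-sensitively here. */
enum key_src classify_key_id(const char *key_id, const char **rest)
{
    size_t n;

    *rest = NULL;
    if (key_id == NULL || key_id[0] == '\0')
        return KEY_SRC_INVALID;
    n = scheme_len(key_id);
    if (n < 2) {                 /* no scheme, or a drive letter such as C:\keys\a.pem */
        *rest = key_id;
        return KEY_SRC_FILE;
    }
    if (n == 4 && strncmp(key_id, "file", 4) == 0) {
        *rest = key_id + 5;      /* "file:/etc/key.pem" -> "/etc/key.pem" */
        return KEY_SRC_FILE;
    }
    if (n == 6 && strncmp(key_id, "pkcs11", 6) == 0) {
        *rest = key_id;          /* the token layer parses the whole URI */
        return KEY_SRC_PKCS11;
    }
    return KEY_SRC_UNSUPPORTED;  /* unknown scheme: refuse, do not guess it is a path */
}
```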
