On Sun, 2021-12-12 at 00:39 +0200, Graham Leggett via openssl-users wrote: > Hi all, > > The ENGINE API is deprecated in favour of the new Provider API. > > What is the provider equivalent function that replaces > ENGINE_load_private_key()? One option would be for a provider to provide provider-storemgmt implementation to load a key from its special URI. You'd then use OSSL_STORE from the application to load a private key from that special URI. Another, rather simplistic, approach would be to use the EVP_PKEY_fromdata() function. In that case you'd have to know what the key algorithm are you using. You'd then use EVP_PKEY_CTX_new_from_name with query properties to include "provider=your_provider" and the params used with EVP_PKEY_fromdata() would contain just the special id parameter that the provider would use to identify the private key from the device. > Regards, > Graham > — > -- Tomáš Mráz, OpenSSL
