Description
Some KMS will support symmetric ciphers PKCS#11 is one of them.
We will probably need to add something like:
type Cipher interface {
CreateCipher(req *CreateCipherRequest) (*CreateCipherResponse, error)
CreateSecretKey(req *CreateSecretKeyRequest) (*CreateSecretKeyResponse, error)
}CreateCipher can load a previously created secret key, or we can remove CreateSecretKey and do both operations in CreateCipher.
We might either add different fields for different cipher types (cipher.AEAD, cipher.Block, cipher.BlockMode, cipher.Stream) or use something like crypto11.SecretKey
Description
Some KMS will support symmetric ciphers PKCS#11 is one of them.
We will probably need to add something like:
CreateCipher can load a previously created secret key, or we can remove CreateSecretKey and do both operations in CreateCipher.
We might either add different fields for different cipher types (cipher.AEAD, cipher.Block, cipher.BlockMode, cipher.Stream) or use something like crypto11.SecretKey