Providers: Setting the Signature OID and Parameters - Resolved

Richard Levitte levitte at openssl.org
Tue Sep 5 07:36:49 UTC 2023


"Dr. Pala" <madwolf at openca.org> writes:

> My guess this is needed because of the types of the parameters are
> limited and I wonder if it would it be feasible to define a parameter
> type that would allow to transfer internal representations instead of
> having to encode/decode the data to/from DER ... ?

Unfortunately, no.  The AlgorithmIdentifier parameter field contents is
highly algorithm dependent, and may not even be DER.  There's no generic
way to know, not even to know how that should be parametrised if it came
to that.  The sane way from libcrypto perspective is to leave the
interpretation to the provider implementation.

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/


More information about the openssl-users mailing list