Providers: Setting the Signature OID and Parameters
levitte at openssl.org
Wed Sep 6 06:04:22 UTC 2023
Richard Levitte <levitte at openssl.org> writes:
> Tomas Mraz <tomas at openssl.org> writes:
>> On Tue, 2023-08-29 at 13:56 -0600, Dr. Pala wrote:
>> The algorithm-id parameter is gettable only.
> Er, I beg to differ, at least conceptually speaking. There's nothing
> stopping a signature implementation, for example, from allowing the
> application to set the AlgorithmIdentifier parameters. As a matter of
> fact, we have functionality that supports that, but currently only
> for EVP_CIPHER. For others, direct use of OSSL_PARAM setters is still
> However, it is true that /our providers/ do not support setting the
> AlgorithmIdentifier parameters... yet.
I may have to retract what I said there, 'cause the EVP_SIGNATURE isn't
exactly easy for the caller to get to, as it's fetched internally.
... and there's work going on to remediate that.
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-users