Hello, I want to use OpenSSL to create an X509 request where the signature has been calculated by an external device (ATMEL ATECC508A). With OpenSSL 1.0 I used X509_REQ *req; req = X509_REQ_new(); algor = X509_ALGOR_new(); algor->algorithm = OBJ_nid2obj(NID_ecdsa_with_SHA256); X509_ALGOR_free(req->sig_alg); req->sig_alg = algor; ASN1_BIT_STRING_set(req->signature, asn1sig, asn1len); req->signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); req->signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; How can I port this code to OpenSSL 1.1? There do not seem to exist setter methods for 'sig_alg' or 'signature'. I could use X509_REQ_get0_signature(), cast away the 'const' from the returned pointers and modify them. But this would be hacky and not portable. What is the recommended way to create an X509 REQ with OpenSSL 1.1 when all the crypto has been done in the outside and I need only the ASN.1 structure? Would it be possible to add setter methods for 'sig_alg' and 'signature'? Thanks Enrico
