Tomas Mraz <tomas@xxxxxxxxxxx> writes: > On Tue, 2023-08-29 at 13:56 -0600, Dr. Pala wrote: > The algorithm-id parameter is gettable only. Er, I beg to differ, at least conceptually speaking. There's nothing stopping a signature implementation, for example, from allowing the application to set the AlgorithmIdentifier parameters. As a matter of fact, we have functionality that supports that, but currently only for EVP_CIPHER. For others, direct use of OSSL_PARAM setters is still possible. However, it is true that /our providers/ do not support setting the AlgorithmIdentifier parameters... yet. Cheers, Richard -- Richard Levitte levitte@xxxxxxxxxxx OpenSSL Project http://www.openssl.org/~levitte/