Richard Levitte <levitte@xxxxxxxxxxx> writes: > Tomas Mraz <tomas@xxxxxxxxxxx> writes: > >> On Tue, 2023-08-29 at 13:56 -0600, Dr. Pala wrote: >> The algorithm-id parameter is gettable only. > > Er, I beg to differ, at least conceptually speaking. There's nothing > stopping a signature implementation, for example, from allowing the > application to set the AlgorithmIdentifier parameters. As a matter of > fact, we have functionality that supports that, but currently only > for EVP_CIPHER. For others, direct use of OSSL_PARAM setters is still > possible. > > However, it is true that /our providers/ do not support setting the > AlgorithmIdentifier parameters... yet. I may have to retract what I said there, 'cause the EVP_SIGNATURE isn't exactly easy for the caller to get to, as it's fetched internally. ... and there's work going on to remediate that. Cheers, Richard -- Richard Levitte levitte@xxxxxxxxxxx OpenSSL Project http://www.openssl.org/~levitte/
