Writing a DER reader, 'cause we've chosen - for good reason - to avoid using crypto/asn1 code in our providers, especially FIPS
(RSA-PSS params are not easy to handle any other way)
Add code to handle the "alg_id_params" value in all implementations that needs it.
In some cases, all that's needed is to verify that the value is NULL (some algorithms' specification say that AlgorithmIdentifier.parameters MUST be present and NULL)
This involves:
Writing a DER reader, 'cause we've chosen - for good reason - to avoid using
crypto/asn1
code in our providers, especially FIPS(RSA-PSS params are not easy to handle any other way)
Add code to handle the "alg_id_params" value in all implementations that needs it.
In some cases, all that's needed is to verify that the value is NULL (some algorithms' specification say that AlgorithmIdentifier.parameters MUST be present and NULL)
Design ref: https://github.com/openssl/openssl/pull/22162