"Tridib, Mumbai" wrote:
> 3. If I have a crypto API which can generate a hash of a data and then sign it using
>the private key of the certificate, then is it possible to output a PKCS#7
>signed-object?If yes, How it can be done.
Technically talking, yes, but only pkcs#7 _without_ any signed attribute.
You'd need to create a new pkcs#7 the standard way, and instead of calling the sign
function, fill the signature inside signerinfo, with the data you got from the crypto
API.
Get the RFC2630, understand the inside format of PKCS#7, understand how this is
represented inside openssl, do it.
It's not going to be very easy.
I wonder if including a function DoPkcs7FromPkcs1Signature would be an option in
OpenSSL ?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
