OpenSSL v0.9.6
Platform/Config: na?
filename: crypto/pkcs7/pk7_doit.c
line 226
I'm trying to abuse openssl and get it to verify the CMS output of my
timestamp authority. The input is SignedData and the only thing different
is that the ContentInfo is not id_data. I'm trying to understand why the
contents are only being loaded in the bio if the type is id_data. As any
SignedData type needs to have a digest over the contents, this blows up
later on for me when the empty digest is compared to the value of my signed
attribute message digest. Is this beyond the scope of openssl or should I
be asking elsewhere or did I just miss the whole boat. Thanks for any help.
221: if (bio == NULL) {
222: if (p7->detached)
223: bio=BIO_new(BIO_s_null());
224: else {
225: if (PKCS7_type_is_signed(p7) &&
>>>>>> 226:
PKCS7_type_is_data(p7->d.sign->contents)) {
227: ASN1_OCTET_STRING *os;
228: os=p7->d.sign->contents->d.data;
229: if (os->length > 0) bio =
230: BIO_new_mem_buf(os->data,
os->length);
231: }
232: if(bio == NULL) {
233: bio=BIO_new(BIO_s_mem());
234: BIO_set_mem_eof_return(bio,0);
235: }
236: }
237: }
Greg Dowd
[EMAIL PROTECTED]
Staff Scientist
Datum, eBS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
