How embarassing. It appears that if I call the PKCS7_dataDecode and
actually read the data it works just like it is supposed to do. Sorry.
-----Original Message-----
From: Greg Dowd [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 22, 2001 12:32 PM
To: [EMAIL PROTECTED]
Subject: v0.9.6 Query on PKCS7 decoding
OpenSSL v0.9.6
Platform/Config: na?
filename: crypto/pkcs7/pk7_doit.c
line 226
I'm trying to abuse openssl and get it to verify the CMS output of my
timestamp authority. The input is SignedData and the only thing different
is that the ContentInfo is not id_data. I'm trying to understand why the
contents are only being loaded in the bio if the type is id_data. As any
SignedData type needs to have a digest over the contents, this blows up
later on for me when the empty digest is compared to the value of my signed
attribute message digest. Is this beyond the scope of openssl or should I
be asking elsewhere or did I just miss the whole boat. Thanks for any help.
221: if (bio == NULL) {
222: if (p7->detached)
223: bio=BIO_new(BIO_s_null());
224: else {
225: if (PKCS7_type_is_signed(p7) &&
>>>>>> 226:
PKCS7_type_is_data(p7->d.sign->contents)) {
227: ASN1_OCTET_STRING *os;
228: os=p7->d.sign->contents->d.data;
229: if (os->length > 0) bio =
230: BIO_new_mem_buf(os->data,
os->length);
231: }
232: if(bio == NULL) {
233: bio=BIO_new(BIO_s_mem());
234: BIO_set_mem_eof_return(bio,0);
235: }
236: }
237: }
Greg Dowd
[EMAIL PROTECTED]
Staff Scientist
Datum, eBS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
