Hello Mathias,
Mathias Brossard wrote:
On Tue, 2004-10-05 at 17:44, Goetz Babin-Ebell wrote:
PKCS7_sign() has the disadvantage that all signed data must be kept in memory.
[...]
/* we got the digest of the data, now create a PKCS#7 detached signed object... */ p7 = PKCS7_signHash(signer, key, other, pMD, caDigest, flags);
I'm a little disappointed your solution only works for PKCS7_sign for detached signatures.
It is a quickfix for a problem I had: sign some (potentially really big) data I don't know the length of at the moment I start the signing.
I know BER allows that but then I would have to do all the BER encoding myself instead of using OpenSSL. I didn't want to go into that hell...
Bye
Goetz
-- Goetz Babin-Ebell, software designer, TC TrustCenter AG, Sonninstr. 24-28, 20097 Hamburg, Germany Office: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126 www.trustcenter.de www.betrusted.com
smime.p7s
Description: S/MIME Cryptographic Signature