Hello all, I have a question on controlling the signing time when generating PKCS7 signed files.. I traced the code down to the PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, V_ASN1_UTCTIME,sign_time); call in PKCS7_dataFinal function in pk7_doit.c in crypto/pkcs7 directory.. I wanted to be able to tell the application what the signing time ought to be. So I tried setting sign_time to some value greater than x509->cert_info->validity->notBefore (for example). This does change the PKCS7 signingTime BUT (a big one too) I also see that somehow the validity.start time of the X.509 cert that goes into the PKCS7 file also gets changed to this value.. I was wondering if I am perhaps setting the signingTime at the wrong place.. If not could someone please help me de-couple the PKCS7 signingTime from the X.509 validity.start time... Thanks much for your help.. Best Regards, Kishore. __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
