On Wed, 15 Aug 2001, Khassaia, Amir wrote:
>
> Hi,
> I've encountered the following problem:
> I generate PKCS#7 detached & signed data using CryptSignMessage() in
> CryptoAPI and try to verify it using OpenSSL but I get an OpenSSL Error:
> {error:2107106C:PKCS7 routines:PKCS7_signatureVerify:unable to fi
> nd message digest}.
There are Authenticated Attributes in SignerInfo and no message digest
attribute or something wrong with it.
> I tried using PKCS7_dataVerify() and PKCS7_signatureVerify() invoked for
> each signer certificate in the PKCS#7 object. PKCS7_DataVerify() finds the
> certifcate status valid before invoking PKCS7_signatureVerify() and failing
> as stated above...
It is PKCS7_signatureVerify() that will try to
PKCS7_digest_from_attributes().
> CryptoAPI manages to verify its own PKCS#7 data however, is this due to the
:)
> byte ordering of signatures which some other people have been refering to
> over the past or did I miss something fundamental ?
Here's good news: pkcs7 specifications are public.
pkcs7 data sample could help to see details.
Regards,
Vadim
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
