Hi,
I have a few questions about the usage of the PKCS7 functions in
OpenSSL.
My code works: it creates a PKCS7 SignedAndEnveloped. I get the idea
from the enc.c and dec.c files in crypto/pkcs7 directory.
Before my code worked i wrote another code that seemed to be ok but
didn't work. Let me explain, PKCS7 standard says that a SignerInfo is
needed to create the PKCS7 so i called the next functions:
X509 *cert = ...
EVP_PKEY *pkey = ...
PKCS7_SIGNER_INFO* signer = PKCS7_SIGNER_INFO_new();
PKCS7_SIGNER_INFO_set(signer, cert, pkey, EVP_sha1());
PKCS7_add_signer(p7, signer);
PKCS7_add_recipient(p7, rec_cert);
PKCS7_dataFinal(p7, bio);
This seemed to be the most reasonable way to do it but it didn't work.
The code i have now (the one that works) is:
PKCS7_add_signature(p7, cert, pkey, EVP_sha1());
PKCS7_add_certificate(p7, cert);
PKCS7_add_recipient(p7, rec_cert);
PKCS7_dataFinal(p7, bio);
Can anyone explain what are those PKCS7_add_signature and
PKCS7_add_certificate calls? Do they set a PKCS_SignerInfo
automatically? I do not really understand why my initial code didn't
work.
Any help would be really appreciated.
Regards,
Aleix
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
