mån 2003-08-04 klockan 18.54 skrev Danny Joseph: > I am new in the openssl world so my questions migth be basic. > I have a binary code file that I have to sign (using a private key and one > or more certificat). > It has to be PKCS#7(SHA1 with RSA encryption) DER encoded Signed Data. > So : > 1- I have to create a PKCS#7 data message from my binary file. > 2- Sign this last PKCS#7 file -> In my signed data, there will be > one (or more) certificats along with their Signing Info. I need to put a > signing time as well.
PKCS7_encrypt() & PKCS7_sign() maybe? I do not think the required operations is available in the openssl tool for your purpose. Some programming will probably be needed to use OpenSSL in this manner. Note: The OpenSSL pkcs7 functions is primarily designed for SSL related operations (i.e. CRL lists) and as such is not a complete PKCS #7 implementation from what I can tell. It is fully possible what you are trying to accomplish is beyond the capabilities of the OpenSSL PKCS #7 functions. For example the documentation to PKCS7_sign() says (under BUGS) that only a single signer certificate is supported by the implementation. Regards Henrik -- Henrik Nordstrom <[EMAIL PROTECTED]> MARA Systems AB ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
