On Mon, Aug 04, 2003, Danny Joseph wrote: > > I am new in the openssl world so my questions migth be basic. > > I have a binary code file that I have to sign (using a private key and one > > or more certificat). > > It has to be PKCS#7(SHA1 with RSA encryption) DER encoded Signed Data. > > So : > > 1- I have to create a PKCS#7 data message from my binary file. > > 2- Sign this last PKCS#7 file -> In my signed data, there will be > > one (or more) certificats along with their Signing Info. I need to put a > > signing time as well. > > > > There is the pkcs7 to create a PKCS#7 fiel from my binary file but it has > > to be PEM or DER input. > > Then, there is the crl2pkcs7 function to add certificats to the PKCS#7 > > file, without crl in my case. > > Then, I have to sign the whole thing with a SigningTime. I read on the > > x509(1) function along with the req. > > I saw rsault as well as dgst(1) but I am a little bit lost in all those > > functions and their differences. > > Any suggestions to help me through this > > Tx > >
You should look at the smime command, it does most or all of what you want. By default it uses S/MIME format and text translation but if you use the -binary and -outform DER options it should be more suited to your needs. Signing time is added automatically. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
