Thank you Mr. Henson, I only have one problem: it takes a PKCS#7 file in input but mine is binary. I tried with the -binary command but it still say that it can not read the S/MIME message, so it does not recognise my file as a binary one. Any suggestion?
Danny Electroline Equipment Inc, Montreal Tel: (514) 374-6204 #447 Fax: (514) 374-8901 E-mail: [EMAIL PROTECTED] -----Original Message----- From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED] Sent: Monday, August 04, 2003 2:48 PM To: [EMAIL PROTECTED] Subject: Re: Signing a binary file On Mon, Aug 04, 2003, Danny Joseph wrote: > > I am new in the openssl world so my questions migth be basic. > > I have a binary code file that I have to sign (using a private key and one > > or more certificat). > > It has to be PKCS#7(SHA1 with RSA encryption) DER encoded Signed Data. > > So : > > 1- I have to create a PKCS#7 data message from my binary file. > > 2- Sign this last PKCS#7 file -> In my signed data, there will be > > one (or more) certificats along with their Signing Info. I need to put a > > signing time as well. > > > > There is the pkcs7 to create a PKCS#7 fiel from my binary file but it has > > to be PEM or DER input. > > Then, there is the crl2pkcs7 function to add certificats to the PKCS#7 > > file, without crl in my case. > > Then, I have to sign the whole thing with a SigningTime. I read on the > > x509(1) function along with the req. > > I saw rsault as well as dgst(1) but I am a little bit lost in all those > > functions and their differences. > > Any suggestions to help me through this > > Tx > > You should look at the smime command, it does most or all of what you want. By default it uses S/MIME format and text translation but if you use the -binary and -outform DER options it should be more suited to your needs. Signing time is added automatically. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
