Hi everybody. I explain my problem with
PKCS7_encrypt(). I have a message in ASN1 converted to DER, which I need first
to sign it and after that, envelop the PKCS7 obtained. That is, I sign the
message, obtaining a PKCS7. Well, there is no problem to obtain the
original data from the signed messagge. I now envelop the signed data, obtaining
a new PKCS7. The problem ocurrs when I try to obtain the original
messagge. When I develop the enveloped message I obtain an empty
PKCS7 structure. I don't understand what can be happenning. This is my
code:
/************Signing the original message (present
in "data")*************/
OpenSSL_add_all_algorithms();
certs = sk_X509_new_null ();
//Obtenemos los datos a firmar en el
bio
bio = BIO_new(BIO_s_mem()); int leidos = BIO_write(bio, data,
long_data);
BIO_flush(bio);
//Firma de los datos PKCS7 *signedData = PKCS7_sign(cert_cli, priv_key_cli, certs, bio, 0); <------ I can obtain the original message from signedData /******************Enveloping the signed
message***********************/
//Añadiremos al recipient el certificado del
receptor
encerts = sk_X509_new_null(); sk_X509_push(encerts,
cert_recep);
//Obtenemos en un bio el contenido que debe ser
envuelto
bio2 = BIO_new(BIO_s_mem()); int long_ = i2d_PKCS7(signedData, NULL);
leidos = BIO_write(bio2, signedData, long_);
BIO_flush(bio2);
//El cifrado que vamos a utilizar
const EVP_CIPHER *cipher = EVP_des_ede3_cbc(); //Envolvemos el contenido
PKCS7 *envelopedData = PKCS7_encrypt(encerts, bio2, cipher, 0); <------- I obtain an empty PKCS7 structure when I develop envelopedData ¿¿¿¿???? Some suggest? .Thanks
|