Hello All,
I need to sign data in CMS format. I used the PKCS7_sign function, which outputs data in
PKCS#7 format. After creating the signed data, I pass
it to the function "Verify_CMS()" (this function is
not listed below; it is part of JavaScript) to verify it. But this function
returns an "Incorrect CMS" error.
Is there any mistake in the following piece of code that creates the signed data in
PKCS#7 format?
Any comments on this will help me greatly. Thank you.
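/*
 * PKI_SignData - sign a byte array and return the DER encoding of the
 * resulting PKCS#7 structure.
 *
 * pbByteArraytoAuthenticate      data to sign; NULL is rejected.
 * uiByteArraytoAuthenticate_len  number of bytes in that array.
 * ioptions                       bit 0 (value 1) set: opaque signature support
 *                                is required; clear: detached signature support
 *                                is required. Bit 1 (value 2) set: certificate
 *                                storing support is required.
 * pcCertName                     name used to look up the signer certificate
 *                                and its private key.
 *
 * Returns the buffer allocated by ASN1_item_i2d() (release it with
 * OPENSSL_free()), or NULL on failure. Every failure except a NULL input
 * sets g_pkiReasonCode.
 *
 * NOTE(review): the encoded length is not passed back to the caller. DER is
 * binary and not NUL-terminated, so the consumer has to recover the length
 * some other way (for example from the outer DER header) - confirm how
 * Verify_CMS() is given the size.
 */
PBYTE PKI_SignData (PBYTE pbByteArraytoAuthenticate,
                    unsigned int uiByteArraytoAuthenticate_len,
                    int ioptions, char* pcCertName) {
    unsigned char *pcTempAuthData = NULL;
    /* ASN1_item_i2d() returns int and reports errors as <= 0; an unsigned
     * short would wrap for large encodings and turn -1 into 65535. */
    int iDataLength = 0;
    X509 *pSignerCert = NULL;
    EVP_PKEY *pkey = NULL;
    BIO *InputData = NULL;
    PKCS7 *pkcs7 = NULL;

    if (pbByteArraytoAuthenticate == NULL)
        return NULL;

    /* check options parameters and validate the platform support */
    if ( (ioptions & 1) && (bSupportingOpaqueSignatures == false) )
    {
        g_pkiReasonCode = CMS_NO_OPAQUE_SIGNATURES;
        return NULL;
    }
    if ( (!(ioptions & 1)) && (bSupportingDitachedSignatures == false) )
    {
        g_pkiReasonCode = CMS_NO_DETACH_SIGNATURE;
        return NULL;
    }
    if ( (ioptions & 2) && (bStoringCertificate == false) )
    {
        g_pkiReasonCode = CMS_NO_CERTIFICATE;
        return NULL;
    }

    /* get certificate from Cert store */
    pSignerCert = GetCertifcateByCertName(pcCertName);
    if (!pSignerCert)
    {
        g_pkiReasonCode = CMS_NO_CERTIFICATE;
        return NULL;
    }

    /* gets corresponding private key */
    pkey = GetRSAPrivateKeyByCertName(pcCertName);
    if (!pkey)
    {
        g_pkiReasonCode = CMS_NO_CERTIFICATE;
        return NULL;
    }
    /* NOTE(review): ownership of pSignerCert and pkey is not visible here.
     * If the lookup helpers hand out new references, they must be released
     * with X509_free()/EVP_PKEY_free() on every path below; otherwise the
     * certificate and the private key object stay allocated after each call. */

    /* converts array of data to bio, since PKCS7_sign takes data in bio format */
    InputData = GetBIOBydata((char*)pbByteArraytoAuthenticate,
                             uiByteArraytoAuthenticate_len);
    if (!InputData)
    {
        g_pkiReasonCode = CMS_FAILURE;
        return NULL;
    }

    /* Only SHA-1 based digests are registered. SHA-1 is no longer considered
     * collision resistant; prefer a SHA-2 digest if the verifier accepts one.
     * NOTE(review): EVP_dss1() belongs to the older OpenSSL API and is not
     * available in current releases - confirm the library version in use. */
    EVP_add_digest(EVP_sha1());
    EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
    EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
    EVP_add_digest(EVP_dss1());
    EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
    EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
    EVP_add_digest_alias(SN_dsaWithSHA1,"dss1");

    /* options is 0 at this call (per the original comment).
     * NOTE(review): the ioptions bits validated above are never translated
     * into PKCS7 flags, so a detached request (bit 0 clear) still produces a
     * signature with embedded content because PKCS7_DETACHED is not set.
     * Without PKCS7_BINARY the content is also converted to MIME canonical
     * text form before signing, which changes arbitrary binary input. Confirm
     * which form the verifier expects. */
    pkcs7 = PKCS7_sign(pSignerCert, pkey, NULL, InputData, options);
    if (!pkcs7)
    {
        /* Signing failed; serializing a NULL structure would not yield a
         * usable blob. */
        g_pkiReasonCode = CMS_FAILURE;
        goto cleanup;
    }

    iDataLength = ASN1_item_i2d((ASN1_VALUE *)pkcs7, &pcTempAuthData,
                                ASN1_ITEM_rptr(PKCS7));
    if (iDataLength <= 0)
    {
        g_pkiReasonCode = CMS_FAILURE;
        OPENSSL_free(pcTempAuthData);
        pcTempAuthData = NULL;
    }

cleanup:
    /* Both free routines accept NULL. Assumes GetBIOBydata() returns a BIO
     * owned by this function - TODO confirm. */
    PKCS7_free(pkcs7);
    BIO_free(InputData);
    return pcTempAuthData;
}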