Hi all/ I am shiva, working on security issues using Openssl Api's. Our requirement is we need to Sign the file, compress the file , encrypt the file as a CMS(crypto graphic message syntax) package. I am able to do the signing, compression, encryption using the OpenSSl Api's in C language. But our requirement is we need to envelope the signed , compressed and encrypted files as a CMS package.
Basically we are using RSA_sign EVP_EncryptUpdate RSA_public_encrypt for signing and encryption of the data. But we did not understand how to implement those as a CMS package. I am thinking Implementing the above functions it self implementation of CMS, but I am not sure about it, can you please conform whether I am correct or not ? if I am wrong, is there any functions that I need to implement for the CMS. And one more doubt is does using of openssl Api's will implement the CMS or not ? If all my understating is wrong please let me know what are the implementations for the CMS using the openssl. Please help me in this regard… Thanks in advance
