Re: Data and Signature (envelope)

Thu, 25 Apr 2013 06:41:15 -0700 

I looked at the latest smsign.c shown below modified with a large data item.
The result is still a detached and quite small like a signature. The flag
changed 
and yet nothing different. It should be quite large. All I see is the API to
soign
p7 = PKCS7_sign(scert, skey, NULL, in, flags);

and tried to do some data content with only core dumps, so what modification
do I have to do to store objects I can get later from the PKCS7?

#include <openssl/pem.h>
#include <openssl/pkcs7.h>
#include <openssl/err.h>

int main(int argc, char **argv)
        {
        BIO *in = NULL, *out = NULL, *tbio = NULL;
        X509 *scert = NULL;
        EVP_PKEY *skey = NULL;
        PKCS7 *p7 = NULL;
        int ret = 1;

        /* For simple S/MIME signing use PKCS7_DETACHED.
         * On OpenSSL 0.9.9 only:
         * for streaming detached set PKCS7_DETACHED|PKCS7_STREAM
         * for streaming non-detached set PKCS7_STREAM
         */
        //      int flags = PKCS7_DETACHED|PKCS7_STREAM;
        int flags = PKCS7_STREAM;

        OpenSSL_add_all_algorithms();
        ERR_load_crypto_strings();

        /* Read in signer certificate and private key */
        tbio = BIO_new_file("signer.pem", "r");

        if (!tbio)
                goto err;

        scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);

        BIO_reset(tbio);

        skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);

        if (!scert || !skey)
                goto err;

        /* Open content being signed */

        in = BIO_new_file("my.pdf", "r");

        if (!in)
                goto err;

        /* Sign content */
        p7 = PKCS7_sign(scert, skey, NULL, in, flags);

        if (!p7)
                goto err;

        out = BIO_new_file("smout.txt", "w");
        if (!out)
                goto err;

        if (!(flags & PKCS7_STREAM))
                BIO_reset(in);

        /* Write out S/MIME message */
        if (!SMIME_write_PKCS7(out, p7, in, flags))
                goto err;

        ret = 0;

        err:

        if (ret)
                {
                fprintf(stderr, "Error Signing Data\n");
                ERR_print_errors_fp(stderr);
                }

        if (p7)
                PKCS7_free(p7);
        if (scert)
                X509_free(scert);
        if (skey)
                EVP_PKEY_free(skey);

        if (in)
                BIO_free(in);
        if (out)
                BIO_free(out);
        if (tbio)
                BIO_free(tbio);

        return ret;

        }





--
View this message in context: 
http://openssl.6102.n7.nabble.com/Data-and-Signature-envelope-tp44885p44912.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to