[openssl-users] Error code 554184855 on PKCS7_sign_add_signer?
Hello everyone, I've been reading smime.c and trying to work my way up from a command that does work. However, I've reached this stage, and I get an error code I don-t know how to diagnose. The source is this(BEWARE: very little error handling, this is just a first informed attempt at the problem): X509 * certificado = NULL; FILE * archivoCertificado = NULL; archivoCertificado = fopen("cert.crt","rb"); if (!archivoCertificado) { qDebug() << "Fallo abrir el archivo del certificado"; return; } PEM_read_X509(archivoCertificado,,NULL,NULL); if (!certificado) { qDebug() << "Fallo al generar la estructura X509"; return; } FILE* archivoLlave = NULL; archivoLlave = fopen("key.key","rb"); EVP_PKEY * llave; PEM_read_PrivateKey(archivoLlave,,NULL,NULL); if (!llave) { qDebug() << "Fallo la lectura de la llave"; return; } BIO * datos = NULL; FILE * fDatos = NULL; fDatos = fopen("Prueba.xml","rb"); if (!fDatos) { qDebug() << "Fallo la apertura del archivo de prueba."; return; } datos = BIO_new_fp(fDatos,NULL); if (!datos) { qDebug() << "Error al leer el archivo de prueba.xml"; return; } PKCS7 *estructura = NULL; if (!PKCS7_sign_add_signer(estructura,certificado,llave,NULL,0)) { qDebug() << "PKCS7_sign_add_signer fallo:" << ERR_get_error(); return; } estructura = PKCS7_sign(certificado,llave,NULL,datos,PKCS7_TEXT); if (!estructura) { qDebug() << "Fallo la creacion de la estructura."; return; } Failure comes at PKCS7_sign_add_signer.. Sorry for the main language used in the code, let me know if its of best practices to keep it to english or if it wouldn't be a real issue for the time being. Kind regards, Anibal.- -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Signing an XML file
2016-12-14 11:17 GMT-03:00 Thomas J. Hruska: > On 12/14/2016 3:28 AM, Dr. Stephen Henson wrote: > >> On Wed, Dec 14, 2016, Salz, Rich wrote: >> >> Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ users? >>> >>> Look at the apps/pkcs7.c file as a starting point. Get the command line >>> doing what you want, and then work through the code to pull out only the >>> bits you need. >>> >>> >> Actually smime.c is the utility you want for PKCS#7. Alternatively cms.c >> if >> you want CMS (the successor to PKCS#7). >> >> Those though are general purpose utilities which do all sorts of things >> which >> most appications don't care about. There are some demos in demos/smime and >> demos/cms which are much simpler. >> > > PHP is open source software written in C. > > A quick lookup in PHP's git repository (it's source code) turns up: > > http://git.php.net/?p=php-src.git;a=blob;f=ext/openssl/opens > sl.c;h=a4b302bd303579d8f3eb62abdd9f312d3fba264d;hb=HEAD#l5148 > > Now the OP has a model to follow for writing a similar wrapper function > for their project. > > > I've found that when people mention a specific language (in this case, > PHP), they are infatuated with the language but have never bothered to > crack open that language's source code to dig into how the language > actually works. To some extent, they view the language as magical. And to > some other extent, they irrationally fear looking at the source code of the > language. Now is the perfect opportunity for the OP to start learning how > one of their favorite languages operates behind the scenes with the goal of > porting a single function that they are interested in. This approach solves > multiple core developer problems at the same time. > > -- > Thomas Hruska > Shining Light Productions > > Home of BMP2AVI and Win32 OpenSSL. > http://www.slproweb.com/ > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > As a matter of facts, you're indeed right. I was daunted by the idea of going through PHP's source myself.. Thanks for the pointers, guys. I'll report back as soon as I get some progress. Kind regards, Anibal.- -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Signing an XML file
2016-12-13 22:54 GMT-03:00 Salz, Rich: > > Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ > users? > > Look at the apps/pkcs7.c file as a starting point. Get the command line > doing what you want, and then work through the code to pull out only the > bits you need. > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > Got it, after some more reading, I've managed to pull: A Valid X509 structure with the PEM file. A Valid EVP_PKEY structure with the KEY file. Created a BIO with BIO_new(BIO_s_mem()) and used BIO_read_filename with it. Now I get to the part where I need to call PKCS7_sign() right? If so, I'm missing something, because: PKCS7_sign(cert,key,NULL,fileBIO,NULL) produces NULL as a result. Any hints? -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Signing an XML file
Hello everyone, I'm trying to sign an XML file, need to do so with pkcs#7. Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ users? In particular, I'm using Qt as framework, but have also got OpenSSL libs and headers installed. The target platform is Microsoft Windows (x32) Kind regards, Anibal.- -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users