Re: [openssl-users] Signing an XML file

2016-12-14 Thread silvioprog
On Wed, Dec 14, 2016 at 11:47 AM, Anibal F. Martinez Cortina <
linuxkid.z...@gmail.com> wrote:
[...]

> As a matter of facts, you're indeed right. I was daunted by the idea of
> going through PHP's source myself..
> Thanks for the pointers, guys.
> I'll report back as soon as I get some progress.
>
> Kind regards,
> Anibal.-
>

Add xmlsec to your wishlist. :-)

https://www.aleksey.com/xmlsec/api/xmlsec-examples.html

--
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] Signing an XML file

2016-12-14 Thread Anibal F. Martinez Cortina
2016-12-14 11:17 GMT-03:00 Thomas J. Hruska 
:

> On 12/14/2016 3:28 AM, Dr. Stephen Henson wrote:
>
>> On Wed, Dec 14, 2016, Salz, Rich wrote:
>>
>> Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++
 users?

>>>
>>> Look at the apps/pkcs7.c file as a starting point.  Get the command line
>>> doing what you want, and then work through the code to pull out only the
>>> bits you need.
>>>
>>>
>> Actually smime.c is the utility you want for PKCS#7. Alternatively cms.c
>> if
>> you want CMS (the successor to PKCS#7).
>>
>> Those though are general purpose utilities which do all sorts of things
>> which
>> most appications don't care about. There are some demos in demos/smime and
>> demos/cms which are much simpler.
>>
>
> PHP is open source software written in C.
>
> A quick lookup in PHP's git repository (it's source code) turns up:
>
> http://git.php.net/?p=php-src.git;a=blob;f=ext/openssl/opens
> sl.c;h=a4b302bd303579d8f3eb62abdd9f312d3fba264d;hb=HEAD#l5148
>
> Now the OP has a model to follow for writing a similar wrapper function
> for their project.
>
>
> I've found that when people mention a specific language (in this case,
> PHP), they are infatuated with the language but have never bothered to
> crack open that language's source code to dig into how the language
> actually works.  To some extent, they view the language as magical.  And to
> some other extent, they irrationally fear looking at the source code of the
> language.  Now is the perfect opportunity for the OP to start learning how
> one of their favorite languages operates behind the scenes with the goal of
> porting a single function that they are interested in. This approach solves
> multiple core developer problems at the same time.
>
> --
> Thomas Hruska
> Shining Light Productions
>
> Home of BMP2AVI and Win32 OpenSSL.
> http://www.slproweb.com/
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>

As a matter of facts, you're indeed right. I was daunted by the idea of
going through PHP's source myself..
Thanks for the pointers, guys.
I'll report back as soon as I get some progress.

Kind regards,
Anibal.-
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] Signing an XML file

2016-12-14 Thread Thomas J. Hruska

On 12/14/2016 3:28 AM, Dr. Stephen Henson wrote:

On Wed, Dec 14, 2016, Salz, Rich wrote:


Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ users?


Look at the apps/pkcs7.c file as a starting point.  Get the command line doing 
what you want, and then work through the code to pull out only the bits you 
need.



Actually smime.c is the utility you want for PKCS#7. Alternatively cms.c if
you want CMS (the successor to PKCS#7).

Those though are general purpose utilities which do all sorts of things which
most appications don't care about. There are some demos in demos/smime and
demos/cms which are much simpler.


PHP is open source software written in C.

A quick lookup in PHP's git repository (it's source code) turns up:

http://git.php.net/?p=php-src.git;a=blob;f=ext/openssl/openssl.c;h=a4b302bd303579d8f3eb62abdd9f312d3fba264d;hb=HEAD#l5148

Now the OP has a model to follow for writing a similar wrapper function 
for their project.



I've found that when people mention a specific language (in this case, 
PHP), they are infatuated with the language but have never bothered to 
crack open that language's source code to dig into how the language 
actually works.  To some extent, they view the language as magical.  And 
to some other extent, they irrationally fear looking at the source code 
of the language.  Now is the perfect opportunity for the OP to start 
learning how one of their favorite languages operates behind the scenes 
with the goal of porting a single function that they are interested in. 
This approach solves multiple core developer problems at the same time.


--
Thomas Hruska
Shining Light Productions

Home of BMP2AVI and Win32 OpenSSL.
http://www.slproweb.com/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] Signing an XML file

2016-12-14 Thread Dr. Stephen Henson
On Wed, Dec 14, 2016, Salz, Rich wrote:

> > Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ 
> > users?
> 
> Look at the apps/pkcs7.c file as a starting point.  Get the command line 
> doing what you want, and then work through the code to pull out only the bits 
> you need.
> 

Actually smime.c is the utility you want for PKCS#7. Alternatively cms.c if
you want CMS (the successor to PKCS#7).

Those though are general purpose utilities which do all sorts of things which
most appications don't care about. There are some demos in demos/smime and
demos/cms which are much simpler.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] Signing an XML file

2016-12-13 Thread Anibal F. Martinez Cortina
2016-12-13 22:54 GMT-03:00 Salz, Rich :

> > Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++
> users?
>
> Look at the apps/pkcs7.c file as a starting point.  Get the command line
> doing what you want, and then work through the code to pull out only the
> bits you need.
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>

Got it, after some more reading, I've managed to pull:
A Valid X509 structure with the PEM file.
A Valid EVP_PKEY structure with the KEY file.
Created a BIO with BIO_new(BIO_s_mem()) and used BIO_read_filename with it.

Now I get to the part where I need to call PKCS7_sign() right?
If so, I'm missing something, because:
PKCS7_sign(cert,key,NULL,fileBIO,NULL) produces NULL as a result.

Any hints?
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] Signing an XML file

2016-12-13 Thread Salz, Rich
> Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++ users?

Look at the apps/pkcs7.c file as a starting point.  Get the command line doing 
what you want, and then work through the code to pull out only the bits you 
need.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


[openssl-users] Signing an XML file

2016-12-13 Thread Anibal F. Martinez Cortina
Hello everyone, I'm trying to sign an XML file, need to do so with pkcs#7.
Is there some equivalent to PHP's openssl_sign_pkcs7 function for C/C++
users?
In particular, I'm using Qt as framework, but have also got OpenSSL libs
and headers installed.
The target platform is Microsoft Windows (x32)

Kind regards,
Anibal.-
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users