PKCS7 usage?

[zhu qun-ying]

Hi All,

I am little bit confuse on the usage of the PKCS7_* functions.

If I have a file that need to be signed and I want the signed data to be
separately from the file and store else where. I follow the sign.c example, but
get lost a little bit, should I get the digest using EVP_digest*() functions or
just use the PKCS7_* functions? Which sequence should I follow?

For a sending and receiving scenario, is the X509 * the cert. of the receiver?
and EVP_PKEY * the sender's private key? (Referring to signed.c example) Is the
sender's cert also need to include in the PKCS7?

-- 
(~._.~)  Öì Ⱥ Ó¢  (Qun-Ying)  (65) 874-6743
 ( O )
()~*~()
(_)-(_)[EMAIL PROTECTED]  *  [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PKCS7 usage?

[zhu qun-ying]

Dr S N Henson wrote:
 Well it doesn't have to be a file. Any BIO will do.
 
 The S/MIME API doesn't currently have an init/update/final equivalent
 though.
 
I am facing a problem here: the decrypted data is stored in some strange format
(beyond my control), and I have to read in the data into buffer block by block
to verify the data. How do I setup such operations?

Regards
-- 
(~._.~)  Öì Ⱥ Ó¢  (Qun-Ying)  (65) 874-6743
 ( O )   TrustCopy Pte Ltd / Kent Ridge Digital Labs
()~*~()  21 Heng Mui Keng Terrace,  Singapore 119613
(_)-(_)[EMAIL PROTECTED]  *  [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]