Hello!
I'm trying to add a new signer to a PKCS#7 that I receive from
another person. In first term, I'm decoding the PKCS#7 and then I'm
trying to using my private key and my cert to sign the content of this
PKCS#7 and insert my signature in this PKCS#7 in order to get the PKCS#7
with the two signatures. The problem is that, when I'm verifying the
PKCS#7 obtained, with this code, the first signature is invalid and the
second one is valid (the first signature's signer).
I have parsed the result and I think the problem is the length of the
signature is 0.
Do you have any idea?
Could you help me, please?
Regards,
Antonio.
PKCS7 *p7_Co=B64_read_PKCS7(in);
if (p7_Co==NULL) {
printf("Error\n");
}
BIO_free(in);
PKCS7_SIGNER_INFO
*si=PKCS7_add_signature(p7_Co,certCo,privKeyCo,EVP_md5());
PKCS7_add_certificate(p7_Co,certCo);
if ((p7bio=PKCS7_dataInit(p7_Co,NULL))==NULL) {
return -1;
}
BIO_write(p7bio,ASN1_STRING_data(p7_Co->d.data),ASN1_STRING_length(p7_Co->d.data));
BIO_flush(p7bio);
if (!PKCS7_dataFinal(p7_Co,p7bio)) {
return -2;
}
BIO_free(p7bio);
int lenDerP7Co=i2d_PKCS7(p7_Co,NULL);
unsigned char *derSignedP7Co=(unsigned char
*)malloc((lenDerP7Co)*sizeof(unsigned char));
if ((derSignedP7Co)==NULL) {
return -3;
}
unsigned char *tmpderP7Co=derSignedP7Co;
lenDerP7Co=i2d_PKCS7(p7_Co,&tmpderP7Co);
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
