Hello!
Peter Sylvester wrote:
You may try a routine like the following by replacing all occurences ofOk you're right, I thought to use that identifier when I have the timeStampToken but at this moment I only want to make some test so as to know if it is possible to use it.
ESS_SIGNING_CERTIFICATE by PKCS7
and change the nid to the PKCS9 V2 defined one.
Or to consider to (mis)use
id-aa-timeStampToken OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) aa(2) 14 }
The difference I see is that the i2d is done before setting the attribute.Ok I agree with you, that is the only difference with my code and it is the only thing that I can see different.
Thanks for your help.
Regards,
Antonio.
int ESS_add_attrib_signcert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERTIFICATE *sc) { ASN1_STRING *seq; unsigned char *p, *pp ; int len;
len = i2d_ESS_SIGNING_CERTIFICATE(sc, NULL); if (!(pp = (unsigned char *) OPENSSL_malloc(len))) { ESSerr(ESS_F_ADD_ATTRIB_SIGNCERT,ERR_R_MALLOC_FAILURE); return 0; } p = pp; i2d_ESS_SIGNING_CERTIFICATE(sc, &p);
if(!(seq = ASN1_STRING_new())) {
OPENSSL_free(pp);
ESSerr(ESS_F_ADD_ATTRIB_SIGNCERT,ERR_R_MALLOC_FAILURE);
return 0;
}
if(!ASN1_STRING_set (seq, pp, len)) {
ASN1_STRING_free(seq);
OPENSSL_free(pp);
ESSerr(ESS_F_ADD_ATTRIB_SIGNCERT,ERR_R_MALLOC_FAILURE);
return 0;
}
OPENSSL_free(pp); return PKCS7_add_signed_attribute(si, NID_id_smime_aa_signingCertificate, V_ASN1_SEQUENCE, seq);
}
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
-- ------------------------------------------------------ Antonio Ruiz Martínez Faculty of Computer Science-University of Murcia 30071 Murcia - Spain e-mail: [EMAIL PROTECTED] or arm [at] dif [dot] um [dot] es ------------------------------------------------------
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]