Re: PKCS7_add_attribute

[Antonio Ruiz Martínez]

Dr. Stephen Henson wrote: On Thu, Sep 16, 2004, Antonio Ruiz Martínez wrote: Hello! Dr. Stephen Henson wrote: My guess is that there's a problem with the generation of the encoding of the attribute: what code did you use for that? oct=ASN1_STRING_new(); if (!ASN1_STRING_set(oct,p72,lenP72)) { lReturn=-50; goto err; } p7=PKCS7_new(); if (p7==NULL) { lReturn=-20; goto err; } //add certificate and keys... ... //get the signer info... PKCS7_add_attribute(si, NID_pkcs7_signed, V_ASN1_SEQUENCE,(char *)oct); //insert the date with PKCS7_dataInit and bio_write and PKCS7_dataFinal... //ENCODE in DER ... .... Any idea? Its the bit *before* that which is needed: the part that produces p72 and lenP72. The p72 is a PKCS7 that I read from a file as an array of bytes coded in DER. The PKCS7 is not generated in the same function, it is only read from a file because I'm simulating that I receive an PKCS7 that I want to insert in my PKCS7. The steps followed to generate the p72 the same as the steps followed to make this PKCS7 but without inserting any attribute and I got it from the code of the directory crypto/p7. This PKCS7 I can verify it without any problem. The code I'm using folows the following steps... p7_new=PKCS7_new(); PKCS7_set_type(p7_new,NID_pkcs7_signed); PKCS7_content_new(p7_new,NID_pkcs7_data); si=PKCS7_add_signature(p7_new,cert,privKey,EVP_md5()); PKCS7_add_certificate(p7_new,cert)) PKCS7_dataInit BIO_write BIO_flush PKCS7_dataFinal //Coding in der... p72= ... If you want I can send you the complete code. I also tried to do the following....     seq=d2i_PKCS7(NULL,&p72,lenP72);     ldP7=i2d_PKCS7(seq,NULL);     dSP7=(unsigned char *)malloc((ldP7)*sizeof(unsigned char));     tmpderP7=dSP7;     ldP7=i2d_PKCS7(p72,&tmpderP7);     oct=ASN1_STRING_new();     if (!ASN1_STRING_set(oct,dSP7,ldP7)) {     } p7=PKCS7_new(); if (p7==NULL) { lReturn=-20; goto err; } //add certificate and keys... ... //get the signer info... PKCS7_add_attribute(si, NID_pkcs7_signed, V_ASN1_SEQUENCE,(char *)oct); //insert the date with PKCS7_dataInit and bio_write and PKCS7_dataFinal... //ENCODE in DER ... .... But this code doesn't work either. Regards, Antonio.