Hi there,

I have a problem filling a PKCS#7 (or CMS) structure and I can't find any hints 
on the web, so I hope someone in this group can help.
I have managed to read and write a PKCS7 file programmatically, but I have 
the following problem:

I have a digital signature of a document done by a smartcard and I have the 
modulus and the exponent of the smartcard's public key. Additionally, there is 
a list of attributes taken from the smartcard that should be saved too.
I want to store all this information in a PKCS#7 structure. How do I do this?

My approach looks like this:

        PKCS7* pPKCS = PKCS7_new();
        PKCS7_set_type( pPKCS, NID_pkcs7_enveloped );
        PKCS7_content_new( pPKCS, NID_pkcs7_data );

        // create Public Key object
        EVP_PKEY* pPublicKey = EVP_PKEY_new();

        // create RSA-key
        RSA* pRSA = RSA_new();
        pRSA->n = BN_bin2bn( pPublicModulus, nPublicModulusLength, NULL );
        pRSA->e = BN_bin2bn( pPublicExponent, nPublicExponentLength, NULL );

        // assign RSA to public key
        EVP_PKEY_assign_RSA( pPublicKey, pRSA );

        // set the hash algorithm from an externally supplied name
        const EVP_MD* pMD = EVP_get_digestbyname( hashAlgorithmName );
        PKCS7_set_digest( pPKCS, pMD );

This works fine but isn't very much. The resulting file (done with 
i2d_PKCS7_bio( pOutFile, pPKCS ) ) is only 40 bytes long!
I have found the following commands that seem to be useful:

PKCS7_add_signature - maybe I could add the digital signature text from the 
smartcard
PKCS7_set_certs - X509?
PKCS7_set_detached - don't know

How do I fill in the attributes from the smartcard (signature card)?
How do I add the created digital signature (and without verifying anything)?
What else do I need to add for a complete CMS file?

Hope someone can help me or send me some sample code.


Thanks in advance,

Frank Wockenfuß