On Tue, Jan 01, 2008, rfx wrote: > An IGC need sign request certificat to subscribe only in CMS RFC2360 format > so i would like (but i don't know if it's the best solution) to make it > using asn1parse and genconf functions. > > I try to reproduce an example of CMS signeddata with first part is : > > -------------------------- > 0:d=0 hl=4 l=2950 cons: SEQUENCE 4:d=1 hl=2 l= 9 prim: > OBJECT :pkcs7-signedData > 15:d=1 hl=4 l=2935 cons: cont [ 0 ] 19:d=2 hl=4 l=2931 cons: > SEQUENCE 23:d=3 hl=2 l= 1 prim: INTEGER :01 > 26:d=3 hl=2 l= 11 cons: SET 28:d=4 hl=2 l= 9 cons: > SEQUENCE 30:d=5 hl=2 l= 5 prim: OBJECT :sha1 > 37:d=5 hl=2 l= 0 prim: NULL 39:d=3 hl=4 l= 929 cons: > SEQUENCE 43:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data > 54:d=4 hl=4 l= 914 cons: cont [ 0 ] 58:d=5 hl=4 l= 910 prim: > OCTET STRING :MIME-Version: 1.0 > Content-Type: application/pkcs10; name="smime.p10" > Content-Transfer-Encoding: base64 > Content-Disposition: attachment; filename=smime.p10 > ...etc ... > -------------------------- > > So i try to make this cnf file to use it with openssl.exe asn1parse > -genconf asn1.cnf -noout -out asn1sign.txt: > > -------------------------- > asn1=SEQUENCE:Signed_Data > > [Signed_Data] > objet= OBJECT:pkcs7-signedData > sequence=SEQUENCE:version > > [version] > version=INTEGER:01 > set=SET > sequence=SEQUENCE:algo > > [algo] > disgest=OID:SHA1 > nul=NULL > sequence=SEQUENCE:data > > [data] > objet=OBJECT:pkcs7-data > octet=OCTETSTRING:MIME-Version: 1.0\ > Content-Type: application/pkcs10; name="smime.p10"\ > Content-Transfer-Encoding: base64\ > Content-Disposition: attachment; filename=smime.p10 > > -------------------------- > > I Begin in ASN.1 langage and i don't know how to reproduce "cont[0]" and > add CRLF end string to an OCTETSTRING ... > > Thanks for help >
Looks like a PKCS#7 signedData structure. You should be able to use the "smime" application to generate that. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
