Hi Harald, ThankQ for the information , but my doubt is if I do signing at sender side with a flag (PKCS7_sign(x509 , priv , NULL , in , PKCS7_DETACHED)), then at receiving side when I am doing verification how can I will be knowing that the sender has sent the data with the flag PKCS7_DETACHED ... and coming to the compression do any API's are there in Openssl (version 0.9.7e) ,for CMS envelope , so that we can use directly ...
Thanks in advance --shankar On 4/22/08, Harald Latzko <[EMAIL PROTECTED]> wrote: > > Hi Shankar, > > if you're dealing with OFTP2 (I assume you're implementing this because of > older posts refering to the protocol and its RFC), you may inspect the field > SFIDSEC. Taken from the RFC 5024, ch. 5.3.3: > > Value: '00' No security services > '01' Encrypted > '02' Signed > '03' Encrypted and signed > > Indicates whether the file has been signed and/or encrypted > before transmission. > > This should answer your question. Anticipating your next question: > compression is indicated via the flag SFIDCOMP (where a value of zero [0] > means no compression and one [1] is ZLIB compression). > > Regards, > Harald > > > Am 21.04.2008 um 20:32 schrieb shankar ks: > > Hi .. > > > > When we sign a file using pkcs7_sign with the given set of flags , how > > does the receiver know and have to use the appropriate flag for verification > > .. > > > > > > -- > > --Best Regards > > Shankar > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > -- --Best Regards Shankar
