Thank you Stephen. I'll try to do that and then I'll tell the others
OFTP2 editors how to do !
BTW: Rich told me : "open a ticket". I tried to do by writing to
r...@openssl.org but I got nothing back.
Best regards,
--
Francis
Le 20/09/2014 01:36, Dr. Stephen Henson a écrit :
On Fri, Sep 12, 2014, Francis GASCHET wrote:
Hello,
From the man page, it looks like signing packages always use SHA1,
and there is no argument to pkcs7_sign and cms_sign functions which
would allow to chose the algorithm.
May be I missed something... Or is there some method to sign with
another hsah algorithm ?
CMS_sign() does use the default digest only. The cms application can use
a different digest though. You can do the same: it's slightly more
complex but not difficult. In outline you do this:
Call CMS_sign() set the private key argument to NULL and include the flag
CMS_PARTIAL (if you don't already). This just initialises the structure
without actually signing anything.
Add the signer(s) using CMS_add1_signer() you can specify the digest algorithm
to use with this call. You can add multiplers signer using different digest
algorithms here.
If you're streaming call SMIME_write_CMS() as normal. If not call CMS_final()
which will finalise the structure and you can then write it out. This
finalises the strcutures and performs the content digesting and
signing______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
