I have a piece of date need to be PKCS7 signed (pkcs-7 2), and
authenticateAttributes is always required.
authenticateAttributes
{
contentType { {pkcs-9 3} {pkcs-7 1}} messsageDigest { {pkcs-9 4} -- an octet string } Firstly, I am not clear what is the messageDigest from. Is it
the digest of the "content" part, or I should add other random data, and then
digest it.
In pkcs7_sign() function. to add the authenticateAttributes,
function PKCS7_add_signed_attribute() should be called.
................................
/* If you do this then you get signing time
automatically added */
PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data)); ................................ I can't see the interface to fill the attribute
value.
Secondly, it is about the DER format, could someone give me a
DER example for it?
Thanks in advance,
Dennis
|