Hello, I have some general questions concerning digital signatures.
Firstly, sorry if my questions are vague - I'm giving all the information I have myself - the reason that I'm having a problem may be partly because the request I have is itself too vague! I'm trying to communicate with a 3rd-party piece of software, which sends/receives its documents digitally signed. According to the developers of that software, it signs data "using PKCS#7 and SHA-1". In short, I am trying to both sign a data file using that combination of protocols, and in reverse, verify the signature of the incoming data. We already use Open-SSL for the HTTPS connection, and I already have a public/private key pair, and access to the remote party's public key. From what I can see, Open-SSL supports both PKCS#7 and SHA-1. Using SHA-1 alone, I have been able to sign data, and verify my own signed data. My questions are (again, sorry if they're a bit hazy): - Is it possible to sign data "using PKCS#7" - I thought PKCS#7 was more a general syntax than an algorithm. - What steps do I go through to sign a file using PKCS#7 and SHA-1 (SHA-1 on its own I am already clear on - it's PKCS#7 that is causing confusion!). - Is there a good resource (like a tutorial) where I can find out how to do this using Open-SSL? - My file could be any data on the UNIX filesystem - in other words, it is not in PKCS#7 syntax. How do I encapsulate the file using PKCS#7, then digitally sign it? Any information (whether it be general guidance, or step-by-step commands!) would be really appreciated. Thanks in advance. Tom Reader ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
