Re: PKCS7_add_attribute

[Antonio Ruiz Mart�nez]

Hello! Dr. Stephen Henson wrote: On Wed, Sep 15, 2004, Antonio Ruiz Martínez wrote: Hello! I've looking at the PKCS7_add_attribute function and I would like to insert a signed PKCS7 as an attribute. The header of the function is: PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,void *value); I suppose that nid should be the NID_pkcs7_signed but I don't know which values should be in atrtype (may it be V_ASN1_SEQUENCE ?) and in value (der coding of the PKCS7? or the SEQUENCE of the PKCS7, in this case, how can I get the sequence from the PKCS7?). Could you help me, please? Regards, Antonio. The NID is whatever OID is defined by whatever standard defines the syntax. If there isn't a standard you might want to create a private OID and document its meaning somewhere. The meaning of atrtype and value are based on the ASN1_TYPE structure. For a sequence atrtype is indeed V_ASN1_SEQUENCE and value is an ASN1_STRING structure containing the encoding of the SEQUENCE. Thanks for your answer, it has been very useful when I use an octect string but not when but I have got a problem when I'm using a sequence. I think  I am not doing something properly because I don't get the desired result. I've tried the following options: 1) ASN1_OCTET_STRING *oct=NULL; oct=ASN1_STRING_new(); ASN1_STRING_set(oct,p7_2,lenp7_2) where p7_2 -> coding in DER of a signed PKCS#7 PKCS7_add_attribute(si, NID_pkcs7_signed, V_ASN1_SEQUENCE,(void *)oct); i2d_PKC7 ..... This way when I try to decode the result of the coding I get an error, It seems the structure is not correct. However, if I try with PKCS7_add_attribute(si, NID_pkcs7_signed, V_ASN1_OCTET_STRING,(void *)oct) it works but I've an attribute which is an octet string that contains a DER coded PKCS7 but I would like that the attribute was directly the PKCS7 2) p7_2=d2i_PKCS7(NULL,&tsp,lenTSP); PKCS7_add_attribute(si, NID_pkcs7_signed, V_ASN1_SEQUENCE,(void *)p7_2); i2d_PKC7 ..... This way I can decode the encoded PKCS7 but the PKCS7 is not inserted properly as an attribute. How can I solve the problem? Could you help me another time, please? Thanks in advance, Regards, Antonio.