I have a binary file with a DER-encoded SignedData structure in it. I
can use the following command:
$ openssl pkcs7 -inform DER -in pt2.out -print_certs -text
and I get all sorts of expected information about the certificate in
the structure, which indicates to me that the file's in the right
format.
I'm trying to load the SignedData into a PKCS7, so I can use the
PKCS7_verify function to verify the signature in it. To do that, I'm
calling d2i_PKCS7_fp. I receive no errors, but my PKCS7 is still
empty.
Here's the code I'm using:
FILE *fp = fopen("pt2.out","rb");
PKCS7 *p7 = NULL;
ERR_load_PKCS7_strings();
ERR_load_X509_strings();
p7 = d2i_PKCS7_fp(fp,NULL);
(I've also tried "p7 = d2i_PKCS7_fp(fp,&p7);" with the same results)
Printing p7->detached and p7->length both show a zero. Calling
PKCS7_verify with p7 gives a segmentation fault, while calling it with
NULL returns a 0 (failure).
I can't seem to find any real documentation on using the d2i_PKCS7_fp
function, so I suspect I'm just doing something wrong. Can someone
point me to something that gives a little explanation on using the
function, or show me an example of using it?
Thanks in advance,
Fred
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
