On Tue, Jul 25, 2006, euhmoins (sent by Nabble.com) wrote: > > > "We now have to 'read' from p7bio to calculate digests etc." -> Why so ? > > Why do we have to read the content of BIO *p7bio and write it to BIO *tmpout > to get PKCS7_signatureVerify to work properly ? > > I hope you can understand my question ;) >
The writing part is optional but that's so the signed content can be output to a BIO. The data has to be read from somewhere to calculate the message digests. For S/MIME this is done by placing various digest BIOs in the chain and reading through them. The digests in these BIOs are then obtained and used for the later stages of signature verification. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
