The post process would be done by the signer (on his machine with all the credential availables), with the key present. If this can be done inside PKCS_sign, or during the same session. I don't want this re-encoding to be particulary a post-process, just want it to be done anytime, of course ...
If I can modify the PKCS7 code to output directly DER it's even better. (but I don't know if it is feasible). ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
