Thank you
Exactly, i compare ASN1 signeddata structure ver 1.5 of openssl signing
using "smime" function and a CMS ASN1 structure ... and it seem ??? to
be different only at the introducing "data" by a "OCTETSTRING" after
"OBJECT :pkcs7-data" ...
Is it possible to introduce "data" at the good offset using asn1parse
function of openssl ? ... other method ?
This difference is alone ?
Thanks
Dr Franck ROUSSIA
Dr. Stephen Henson a écrit :
On Tue, Jan 01, 2008, rfx wrote:
An IGC need sign request certificat to subscribe only in CMS RFC2360 format
so i would like (but i don't know if it's the best solution) to make it
using asn1parse and genconf functions.
I try to reproduce an example of CMS signeddata with first part is :
--------------------------
0:d=0 hl=4 l=2950 cons: SEQUENCE 4:d=1 hl=2 l= 9 prim:
OBJECT :pkcs7-signedData
15:d=1 hl=4 l=2935 cons: cont [ 0 ] 19:d=2 hl=4 l=2931 cons:
SEQUENCE 23:d=3 hl=2 l= 1 prim: INTEGER :01
26:d=3 hl=2 l= 11 cons: SET 28:d=4 hl=2 l= 9 cons:
SEQUENCE 30:d=5 hl=2 l= 5 prim: OBJECT :sha1
37:d=5 hl=2 l= 0 prim: NULL 39:d=3 hl=4 l= 929 cons:
SEQUENCE 43:d=4 hl=2 l= 9 prim: OBJECT :pkcs7-data
54:d=4 hl=4 l= 914 cons: cont [ 0 ] 58:d=5 hl=4 l= 910 prim:
OCTET STRING :MIME-Version: 1.0
Content-Type: application/pkcs10; name="smime.p10"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=smime.p10
...etc ...
--------------------------
So i try to make this cnf file to use it with openssl.exe asn1parse
-genconf asn1.cnf -noout -out asn1sign.txt:
--------------------------
asn1=SEQUENCE:Signed_Data
[Signed_Data]
objet= OBJECT:pkcs7-signedData
sequence=SEQUENCE:version
[version]
version=INTEGER:01
set=SET
sequence=SEQUENCE:algo
[algo]
disgest=OID:SHA1
nul=NULL
sequence=SEQUENCE:data
[data]
objet=OBJECT:pkcs7-data
octet=OCTETSTRING:MIME-Version: 1.0\
Content-Type: application/pkcs10; name="smime.p10"\
Content-Transfer-Encoding: base64\
Content-Disposition: attachment; filename=smime.p10
--------------------------
I Begin in ASN.1 langage and i don't know how to reproduce "cont[0]" and
add CRLF end string to an OCTETSTRING ...
Thanks for help
Looks like a PKCS#7 signedData structure. You should be able to use the
"smime" application to generate that.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
