Yes that is exactly what I was asking a standard format and yes I do use a
SHA1
for the message digest. So Formally known as PKCS#7 now called CMS thats the
way to go.
I will do that, and any pointers to documents/commands would be appreciated.
redpath wrote:
>
> I have created EC Digital Signature and saved it in a file.
> Excerpt of code shown below for a message digest md
>
> unsigned int siglen = ECDSA_size(peckey);
> printf("Max signature length is %d \n",siglen);
> siglen = ECDSA_size(peckey);
> unsigned char *ptr = OPENSSL_malloc(siglen);
> unsigned char *save= ptr;
> ECDSA_SIG *sig;
> ret= ECDSA_sign(0 ,md, 20, ptr, &siglen, peckey); //Do sign it dude
> if (!ret){
> printf("ERROR signing null\n");
> return 1;
> }
> printf(" Signature success \n");
> printf("Signature length is %d \n",siglen);
>
> /**
> * Write out Digital Signature File
> *
> ***/
> strcpy(buffer,args[1]);
> strcat(buffer,".ecdsa");
> fp = fopen(buffer,"wb");
> fwrite(save, 1, siglen, fp);
> fclose(fp);
>
> printf("OUTPUT signature file is %s\n\n",buffer);
>
> And I use this signature file to verify a message digest later using a
> public key.
>
> ret = ECDSA_verify(0, md, 20, sig, siglen, pubeckey);
>
> Everything works great. I want this signature to be in an X509 and open
> the X509 and
> extract it to use to verify things.
>
> How do you place a signature in an X509 format and use code to extract
> them?
>
> In the past I have created an X509 for public keys
> before and extract the key to use it; and that works great to extract them
> and use them.
>
> So if anyone has a procedure for the using the API to do this let me know.
>
>
>
>
>
>
>
>
>
--
View this message in context:
http://old.nabble.com/How-to-place-signature-into-an-X509-format-tp34513865p34531958.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
