Re: How to place signature into an X509 format

Tue, 09 Oct 2012 17:32:37 -0700 

PKCS#7 (the original) is RFC2315
CMS is RFC5652

On 10/9/2012 3:37 PM, redpath wrote:


Yes that is exactly what I was asking a standard format and yes I do use a
SHA1

for the message digest. So Formally known as PKCS#7 now called CMS 
thats the

way to go.

I will do that, and any pointers to documents/commands would be 
appreciated.




redpath wrote:
>
> I have created EC Digital Signature and saved it in a file.
> Excerpt of code shown below for a message digest md
>
>     unsigned int siglen = ECDSA_size(peckey);
>     printf("Max signature length is %d \n",siglen);
>     siglen = ECDSA_size(peckey);
>     unsigned char *ptr  = OPENSSL_malloc(siglen);
>     unsigned char *save= ptr;
>     ECDSA_SIG *sig;

>     ret= ECDSA_sign(0 ,md, 20, ptr, &siglen, peckey);   //Do sign it 
dude

>     if (!ret){
>       printf("ERROR signing null\n");
>       return 1;
>     }
>     printf(" Signature success \n");
>     printf("Signature length is %d \n",siglen);
>
>      /**
>       * Write out Digital Signature File
>       *
>       ***/
>       strcpy(buffer,args[1]);
>       strcat(buffer,".ecdsa");
>       fp = fopen(buffer,"wb");
>       fwrite(save, 1, siglen, fp);
>       fclose(fp);
>
>       printf("OUTPUT signature file is  %s\n\n",buffer);
>
> And I use this signature file to verify a message digest later using a
> public key.
>
>   ret = ECDSA_verify(0, md, 20, sig, siglen, pubeckey);
>
> Everything works great. I want this signature to be in an X509 and open
> the X509 and
> extract it to use to verify things.
>
> How do you place a signature in an X509 format and use code to extract
> them?
>
> In the past I have created an X509 for public keys

> before and extract the key to use it; and that works great to 
extract them

> and use them.
>

> So if anyone has a procedure for the using the API to do this let me 
know.

>




Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [email protected]






















					Reply via email to