Well the situation is I have a file which has been signed for its contents. This signature is used to verify the authentication of the file. The signature works great but I want to use best practices to package the signature. A PKCS7 was suggested. So I assume I can extract this signature from the PKCS7 to verify the file contents which I create the message digest SHA2 from. Is there something I am missing here. Just want to use best practices. The challenger has the file and the PKCS7 (signature) to verify the contents. The challenger has the public key.
redpath wrote: > > I have a PKCS7 file with signature in the envelope. > What API function can I use to open the PKCS7 to extract the signature > data and length > and then verify the message digest? The verify is shown below assuming I > got the signature > data and length. > > int rc = ECDSA_verify(0, md, 20, signaturedata, signaturelength, > pubeckey); > > Kinda hard to find the right functions which seems to be a pretty common > thing. > I did search the forum for this. > > > -- View this message in context: http://old.nabble.com/PKCS7-open-and-extract-signature-tp34542036p34542704.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
