Create PKCS7 signature
The PKCS7 structure is defined as follows:

typedef struct pkcs7_st
{
    /* The following is non-NULL if it contains the ASN1 encoding of
     * this structure */
    unsigned char *asn1;
    long length;

#define PKCS7_S_HEADER 0
#define PKCS7_S_BODY   1
#define PKCS7_S_TAIL   2

    int state;      /* used during processing */
    int detached;
    ASN1_OBJECT *type;

    /* content as defined by the type */
    /* All encryption/message digests are applied to the contents,
     * leaving out the 'type' field. */
    union
    {
        char *ptr;
        /* NID_pkcs7_data */
        ASN1_OCTET_STRING *data;
        /* NID_pkcs7_signed */
        PKCS7_SIGNED *sign;
        /* NID_pkcs7_enveloped */
        PKCS7_ENVELOPE *enveloped;
        /* NID_pkcs7_signedAndEnveloped */
        PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
        /* NID_pkcs7_digest */
        PKCS7_DIGEST *digest;
        /* NID_pkcs7_encrypted */
        PKCS7_ENCRYPT *encrypted;
        /* anything else */
        ASN1_TYPE *other;
    } d;
} PKCS7;

Data:

Plaintext encapsulation.

The type is NID_pkcs7_data and the content is an ASN1_OCTET_STRING, which is a simple ASN1_STRING data type.

Signed data:

Encapsulates the data and the signature value, together with the signer's certificate, CRLs, etc., so that the identity of the sender can be determined.

The type is NID_pkcs7_signed and the content is of type PKCS7_SIGNED, which is defined as follows:

typedef struct pkcs7_signed_st
{
    ASN1_INTEGER *version;                    /* version 1 */
    STACK_OF(X509_ALGOR) *md_algs;            /* md used: digest algorithms */
    STACK_OF(X509) *cert;                     /* [ 0 ] signing certificates */
    STACK_OF(X509_CRL) *crl;                  /* [ 1 ] certificate revocation lists */
    STACK_OF(PKCS7_SIGNER_INFO) *signer_info; /* signature information */
    struct pkcs7_st *contents;
} PKCS7_SIGNED;
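
The type field decides which member of the union d is valid, so code that receives a PKCS7 structure should establish the type before touching d.sign or any other member. The C below is an added example, not code from the original page or from the library these structures belong to: it reads the contentType OID from a DER-encoded ContentInfo and reports which union member it selects. The names p7_kind, der_header and p7_classify and the constructed sample_signed bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Which member of the union d the contentType OID selects (0 means d.other). */
enum p7_kind { P7_MALFORMED = -1, P7_OTHER, P7_DATA, P7_SIGNED, P7_ENVELOPED,
               P7_SIGNED_AND_ENVELOPED, P7_DIGEST, P7_ENCRYPTED };

/* Constructed sample: ContentInfo { signedData OID, [0] { empty SEQUENCE } }. */
const unsigned char sample_signed[] = {
    0x30, 0x0f, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07,
    0x02, 0xa0, 0x02, 0x30, 0x00 };

/* Read a DER tag and length at *p; on success move *p to the value and set
 * *vlen. Rejects wrong tags, truncated input and indefinite lengths. */
static int der_header(const unsigned char **p, const unsigned char *end,
                      unsigned char tag, size_t *vlen)
{
    const unsigned char *q = *p;
    size_t len, n;
    if (end - q < 2 || q[0] != tag)
        return 0;
    len = q[1];
    q += 2;
    if (len & 0x80) {                 /* long form: n length bytes follow */
        n = len & 0x7f;
        if (n == 0 || n > sizeof(len) || (size_t)(end - q) < n)
            return 0;
        for (len = 0; n > 0; n--)
            len = (len << 8) | *q++;
    }
    if ((size_t)(end - q) < len)      /* value must lie inside the buffer */
        return 0;
    *p = q;
    *vlen = len;
    return 1;
}

/* Classify a DER ContentInfo by its contentType, 1.2.840.113549.1.7.x. */
enum p7_kind p7_classify(const unsigned char *der, size_t der_len)
{
    static const unsigned char arc[8] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07 };
    const unsigned char *p = der, *end = der + der_len;
    size_t len;
    if (!der_header(&p, end, 0x30, &len) ||     /* outer SEQUENCE */
        !der_header(&p, p + len, 0x06, &len))   /* contentType OID */
        return P7_MALFORMED;
    if (len != 9 || memcmp(p, arc, 8) != 0 || p[8] < 1 || p[8] > 6)
        return P7_OTHER;
    return (enum p7_kind)p[8];                  /* .1 data ... .6 encrypted */
}
```

A result of P7_SIGNED corresponds to NID_pkcs7_signed and the d.sign member; P7_OTHER means only d.other may be used, and P7_MALFORMED means the input should be rejected before any structure is built from it.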