Sign PKCS#7 and verify PKCS#7 signature with OpenSSL

Lazarus »
Forum »
Programming »
General »
Sign PKCS#7 and verify PKCS#7 signature with OpenSSL

Bookstore

	Computer Math and Games in Pascal (preview)
	Lazarus Handbook

Recent

Assign (textfile) not com... by Thaddy
[Today at 12:18:09 pm]
Question for people who h... by marcov
[Today at 12:04:56 pm]
[SOLVED] assembler name i... by Laksen
[Today at 11:40:43 am]
Warning: Source OS Redefi... by Laksen
[Today at 11:32:46 am]
[SOLVED] how to see what ... by Laksen
[Today at 11:30:25 am]
Slow copying of small str... by alpine
[Today at 11:25:10 am]
I just released a commerc... by BrassGear
[Today at 11:05:12 am]
How to: create DLL file f... by KodeZwerg
[Today at 10:53:20 am]
Text orientation in TMemo... by wp
[Today at 10:27:54 am]
InstallAware Using Lazaru... by marcov
[Today at 10:05:26 am]
Linux Workspaces -- StayO... by AmatCoder
[Today at 08:21:27 am]
Demoscene The Champs Crac... by Lulu
[Today at 08:15:12 am]
Azure sql database will n... by paweld
[Today at 07:24:47 am]
Find child controls by na... by Handoko
[Today at 04:17:05 am]
location of non visual co... by VisualLab
[April 17, 2024, 11:58:55 pm]
For-in loop over constant... by Joanna
[April 17, 2024, 11:57:15 pm]
Lazarus editor feature re... by 440bx
[April 17, 2024, 11:49:08 pm]
How would you define a fi... by wp
[April 17, 2024, 11:04:00 pm]
Directx9 with mylogo insi... by KodeZwerg
[April 17, 2024, 11:03:54 pm]
Lazarus for Windows on aa... by Wallaby
[April 17, 2024, 10:25:46 pm]
[SOLVED] TDbf table, Leve... by 1HuntnMan
[April 17, 2024, 10:03:16 pm]
Doomed name by Martin_fr
[April 17, 2024, 09:09:52 pm]
lazarus-project_3.2.0-0_a... by midigark
[April 17, 2024, 06:09:40 pm]
TBGRABitmap.TextSize retu... by circular
[April 17, 2024, 05:24:04 pm]
BUG REPORT: Unable to gen... by gasensor
[April 17, 2024, 05:10:20 pm]

« previous next »

Pages: [1]

Author Topic: Sign PKCS#7 and verify PKCS#7 signature with OpenSSL (Read 937 times)

GeorgeSteven

Newbie
Posts: 4

Sign PKCS#7 and verify PKCS#7 signature with OpenSSL

« on: June 14, 2021, 09:01:12 am »

If someone have to transfer X.509 certificates in a single bundle, usually, it is recommended to pack them into PKCS#7. And content of PKCS#7 can be signed.

OpenSSL allows to pack certificates into PKCS#7 in the following way:

openssl crl2pkcs7 -nocrl -certfile domain.crt -certfile ca-chain.crt -out domain.p7b

As I understand from the man page of 'openssl crl2pkcs7', this PKCS#7 is signed:

The output file is a PKCS#7 signed data structure containing no signers and just certificates and an optional CRL.

A few questions here:

What does 'containing no signers' mean?
If the content (certificates) of PKCS#7 is not really signed, how can it be done using OpenSSL?
How signature of PKCS#7 can be verified using OpenSSL considering that it was signed?
If I understand overall concept wrongly, please, clarify that.

Logged

Pages: [1]

« previous next »

Lazarus »
Forum »
Programming »
General »
Sign PKCS#7 and verify PKCS#7 signature with OpenSSL

XHTML
RSS
WAP2

Lazarus

Bookstore

Search

Recent

Author Topic: Sign PKCS#7 and verify PKCS#7 signature with OpenSSL (Read 937 times)

GeorgeSteven

Sign PKCS#7 and verify PKCS#7 signature with OpenSSL