efficient way to encrypt, then sign?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Jul 04, 2015, Richard Welty wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> what is the lowest overhead method for encrypting using
> CMS_encrypt then signing using CMS_sign? it seems like
> using BIO_new_mem_buf ought to do but i don't see a method
> for getting the length of the CMS_ContentInfo object to
> feed to the BIO creation method.
> 

The function i2d_CMS_ContentInfo will return the length and encode the
structure with the appropriate arguments for example:

unsigned char *buf = NULL;
int buflen;

buflen = i2d_CMS_ContentInfo(cms, &buf);

Depending on the format you want there is a lower overhead (in terms of memory
usage) method: you may be able to chain two streaming BIOs and sign encrypted
data on the fly.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux