[Botan-devel] Acrobat digital signatures

Halewijn Geerts halewijng at enfocus.com
Fri Oct 24 08:24:18 EDT 2008


Hi,

I'm trying to create and verify Digital Signatures as done by Acrobat, using
Botan, but I don't know how to do it.

The most common type of digital signature in acrobat is adbe.pkcs7.detached.
This is a DER-encoded PKCS #7 object. I use 1024bit RSA and SHA-1.

How do I create such a PKCS #7 object?

This is a piece of the implementation I started to write for creating the
digital signature.

std::auto_ptr<Botan::PKCS8_privateKey> thePrivateKey(
Botan::PKCS8::load_key( thePrivateKeyInMemeory, thePassphrase );

Botan::PK_signing_key* theSigningKey = dynamic_cast<Botan::PK_signing_key*>(
thePrivateKey );

if ( thePrivateKey )
{
    Botan::Pipe thePipe( new Botan::PK_Signer_Filter( Botan::get_pk_signer(
*theSigningKey, "EMSA1(SHA-1)" ) ) );

    thePipe.start_msg();

    theData >> thePipe;

    thePipe.end_msg();

// What next? How do I create a PKCS #7 object and add how do I add the
X.509 certificate to it?

// What about the DER encoding? When and how should that be done?

}

For verifying the digital signature, how do I get the X509 certificate and
the actual signature back out of the PKCS #7 object?

Thanks,
Halewijn






More information about the botan-devel mailing list