[erlang-questions] PKCS-7 signing
Tue Nov 26 02:47:07 CET 2013
Unfortunately the manifest is customised with an authentication token
for each user, so you can't just reuse a one time signature. Sounds
like calling openssl directly might be the best bet for now :/
On Mon, Nov 25, 2013 at 9:30 PM, Szoboszlay Dániel
> If it is only a manifest file that (I assume) doesn't change very often I
> would rather use "openssl smime" to create the signature.
> I was looking into PKCS-7 signing with Erlang recently, but I could avoid
> doing it after all. My impression was that there is no direct support for it
> in OTP, so you'd either have to call the openssl routines via e.g. a port
> driver or use the existing crypto functions to sign your data and put
> together a SignedData structure according to RFC 2315 using the ASN.1
> application. Yet, I might be wrong.
> On Mon, 25 Nov 2013 20:55:04 -0000, James Wheare <> wrote:
>> I'm working on implementing Apple's Push Notifications for Websites
>> system and having some trouble signing the "push package"
>> The docs  say this:
>> "The signature is a PKCS #7 detached signature of the manifest file.
>> Sign the manifest file with the private key associated with your web
>> push certificate that you obtained while registering with Apple. In
>> PHP, you can do this with the openssl_pkcs7_sign function"
>> So I'm looking for an equivalent to PHP's openssl_pkcs7_sign  in
>> The release notes  for the public_key module seem to offer some
>> hope, with "experimental" PKCS-7 support announced in 0.17, but I
>> can't find anything about it in the docs 
>> Any advice on solving this?
>> - James
>>  http://php.net/manual/en/function.openssl-pkcs7-sign.php
>>  http://www.erlang.org/doc/apps/public_key/notes.html
>>  http://erlang.org/doc/man/public_key.html
>> erlang-questions mailing list
> erlang-questions mailing list
More information about the erlang-questions