typedef struct pkcs7_st
{
/* The following is non NULL if it contains ASN1 encoding of
* this structure */
unsigned char *asn1;
long length;
#define PKCS7_S_HEADER 0
#define PKCS7_S_BODY 1
#define PKCS7_S_TAIL 2
int state; /* used during processing */
int detached;
ASN1_OBJECT *type;
/* content as defined by the type */
/* all encryption/message digests are applied to the 'contents',
* leaving out the 'type' field. */
union {
char *ptr;
/* NID_pkcs7_data */
ASN1_OCTET_STRING *data;
/* NID_pkcs7_signed */
PKCS7_SIGNED *sign;
/* NID_pkcs7_enveloped */
PKCS7_ENVELOPE *enveloped;
/* NID_pkcs7_signedAndEnveloped */
PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
/* NID_pkcs7_digest */
PKCS7_DIGEST *digest;
/* NID_pkcs7_encrypted */
PKCS7_ENCRYPT *encrypted;
/* Anything else */
ASN1_TYPE *other;
} d;
} PKCS7;
數據(data):
明文打包
type為NID_pkcs7_data,ASN1_OCTET_STRING類型,即為簡單的ASN1_STRING數據類型。
簽名數據(sign):
把數據以及簽名值打包,其中包括簽名者的證書,CRL等,目的為確定發送者的身份。
type為NID_pkcs7_signed。PKCS7_SIGNED類型的數據,PKCS7_SIGNED定義如下:
typedef struct pkcs7_signed_st
{
ASN1_INTEGER *version; /* version 1 */ //版本
STACK_OF(X509_ALGOR) *md_algs; /* md used */ //摘要算法
STACK_OF(X509) *cert; /* [ 0 ] */ //簽名證書
STACK_OF(X509_CRL) *crl; /* [ 1 ] */ //證書吊銷列表
STACK_OF(PKCS7_SIGNER_INFO) *signer_info; 簽名信息
struct pkcs7_st *contents;
} PKCS7_SIGNED;》