Re: Creating p7s/pkcs7 files with Ruby

< ^ > P N |<>|^_>< --- | ~ ...Help
Yves Vogl wrote:
> This convenient methods seems to use a SHA-1 hash for signing the
> document

Yes. ruby's openssl library is just a thin wrapper around the openssl C 
API.

If you look at [ruby]/ext/openssl/ossl_pkcs7.c you'll see that this 
method just gets some arguments and then calls [openssl] PKCS7_sign()

On my system, typing 'man PKCS7_sign' says:

BUGS
       ....

       The SHA1 digest algorithm is currently always used.

So the question is really not a Ruby one, but an openssl one. If you can 
find a way to generate the signature you want, using either the C API or 
the openssl command line tool, it can probably be converted to Ruby 
easily. But first you need to solve the openssl library problem, and I'd 
suggest that's best done by asking the question on an openssl mailing 
list.

Sorry I can't be more helpful than that...

Regards,

Brian.
-- 
Posted via http://www.ruby-forum.com/.