This is a massive pull request, and I would understand if you do not want to merge it, but I thought I should share it and leave it up to you.
I am using this package to sign Firefox addons, and had to fix a number of limitations as well as add support for certificate chains for this to happen. I also added support for ECDSA and SHA2 algorithms. The code has been restructured in separate files to help with readability, and tests that use OpenSSL helped me make sure the PKCS7 structures are compatible with other implementations.
Ultimately, I think we'll keep referring to our fork from go.mozilla.org/pkcs7, since this is a sensitive piece of code for us, but would love to maintain upstream compatibility as much as possible.
Note: I couldn't figure out how to address the README changes. I might have to drop that patch.
This is a massive pull request, and I would understand if you do not want to merge it, but I thought I should share it and leave it up to you.
I am using this package to sign Firefox addons, and had to fix a number of limitations as well as add support for certificate chains for this to happen. I also added support for ECDSA and SHA2 algorithms. The code has been restructured in separate files to help with readability, and tests that use OpenSSL helped me make sure the PKCS7 structures are compatible with other implementations.
Ultimately, I think we'll keep referring to our fork from
go.mozilla.org/pkcs7, since this is a sensitive piece of code for us, but would love to maintain upstream compatibility as much as possible.Note: I couldn't figure out how to address the README changes. I might have to drop that patch.