Open jorgedsmatias opened 5 years ago
jorgedsmatias
commented
5 years ago All code except add_signingCertificate() in applayer/sign-pkcs7.cpp have been modified to work both with libssl 1.1 and earlier version. Importante code on add_signingCertificate(PKCS7_SIGNER_INFO *si, ...) has been disabled for the build process to complete.
jorgedsmatias
commented
5 years ago In OpenSSL 1.1.0 there is no simple way to implement PDF Advanced Electronic Signature (TS 102 778-3 [1] (PAdES-3). There is a branch tree in OpenSSL to implement CAdES, that could be used to implement PAdES. Add support for CAdES Basic Electronic Signatures (CAdES-BES) #7893 https://github.com/openssl/openssl/pull/7893
For now, the best option is to write code using an indirect way like example code proposed by Ottavia Campana, in openssl-dev mailing list.
Support for OpenSSL v1.1 is necessary for it to build on new Linux distributions like Debian/Raspian "buster".