[openssl-users] Implementing help

[Michael Wojcik]

> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Eldiario Mexico
> Sent: Friday, August 17, 2018 12:51

> I really need your support , i've been trying to implement Openssl,
> cuase I need verify certifcates althrough OCSP and utilize this
> ceriticates to sign a docoument.

> I'm developing on Visual Studio (Visual Basic)  but, I can't found the
> .dll Files , i dont find the correct way to utlize Oppenssl to Sign
> Documents

Correct use of OpenSSL is a specialist skill, to be perfectly frank. I don't recommend it for anyone who is not prepared to put serious effort into learning OpenSSL's design and API, and learning significantly about contemporary cryptography (including algorithms, protocols, standards, industry conventions, and so on) in the process.

Also, your problem is not well-defined. There are many formats for cryptographically signing documents. Do you need CMS? XML Signature? A signature for a binary file, such as Authenticode or a Java JAR signature? An OpenPGP signature? What problem are you actually trying to solve?

If you're developing for Visual BASIC, then presumably your application is Windows-only. I'd suggest using the Windows built-in cryptography support: the OS-provided certificate stores and CryptoAPI, directly or through some additional layer (such as the .NET Framework if you're actually using VB.NET). Those are generally higher-level APIs than what OpenSSL provides, and they're available through various Microsoft scripting languages, which would make it easier to experiment.

However, you'd very likely do best to simply find some existing library or package that does what you need to do. Writing cryptographic applications without a cryptography background is likely to produce insecure systems.

--
Michael Wojcik
Distinguished Engineer, Micro Focus