pkcs7: support multiple signers
Rather than only parsing/verifying one SignerInfo in the SignerInfos
field of the PKCS7 stucture, allow the ability to parse and verify more
than one signature. Verification will return success if any of the signatures
produce a match.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Nick Child <nick.child@ibm.com>
diff --git a/tests/suites/test_suite_pkcs7.data b/tests/suites/test_suite_pkcs7.data
index d5ecd21..daced32 100644
--- a/tests/suites/test_suite_pkcs7.data
+++ b/tests/suites/test_suite_pkcs7.data
@@ -10,13 +10,9 @@
depends_on:MBEDTLS_SHA256_C
pkcs7_parse_without_cert:"data_files/pkcs7_data_without_cert_signed.der"
-PKCS7 Signed Data Parse Fail with multiple signers #4
-depends_on:MBEDTLS_SHA256_C
-pkcs7_parse_multiple_signers:"data_files/pkcs7_data_multiple_signed.der"
-
PKCS7 Signed Data Parse Fail with multiple certs #4
depends_on:MBEDTLS_SHA256_C
-pkcs7_parse_multiple_signers:"data_files/pkcs7_data_multiple_certs_signed.der"
+pkcs7_parse_multiple_certs:"data_files/pkcs7_data_multiple_certs_signed.der"
PKCS7 Signed Data Parse Fail with corrupted cert #5
depends_on:MBEDTLS_SHA256_C
@@ -69,3 +65,7 @@
PKCS7 Only Signed Data Parse Pass #15
depends_on:MBEDTLS_SHA256_C
pkcs7_parse:"data_files/pkcs7_data_cert_signeddata_sha256.der"
+
+PKCS7 Signed Data Verify with multiple signers #16
+depends_on:MBEDTLS_SHA256_C
+pkcs7_verify_multiple_signers:"data_files/pkcs7_data_multiple_signed.der":"data_files/pkcs7-rsa-sha256-1.crt":"data_files/pkcs7-rsa-sha256-2.crt":"data_files/pkcs7_data.bin"
\ No newline at end of file