mbedtls: add support for pkcs7 PKCS7 signing format is used by OpenPOWER Key Management, which is using mbedtls as its crypto library. This patch adds the limited support of pkcs7 parser and verification to the mbedtls. The limitations are: * Only signed data is supported. * CRLs are not currently handled. * Single signer is supported. Signed-off-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Eric Richter <erichte@linux.ibm.com> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>

commit: c9deb184b0bf5e72d5761d06af0db165676e0f8a [log] [tgz]
author: Nayna Jain <nayna@linux.ibm.com> Mon Nov 16 19:03:12 2020 +0000
committer: Nick Child <nick.child@ibm.com> Thu Sep 01 19:45:33 2022 -0500
tree: 58e6f98e9854bdbd7ea22fc088568f7072210f0c
parent: e00d6d6b55130c905aee5d1a7fca9b9afa9e53f2 [diff] [blame]
diff --git a/include/mbedtls/asn1.h b/include/mbedtls/asn1.h
index be2cae7..21ade1b 100644
--- a/include/mbedtls/asn1.h
+++ b/include/mbedtls/asn1.h

@@ -38,8 +38,9 @@
 
 /**
  * \name ASN1 Error codes
- * These error codes are OR'ed to X509 error codes for
+ * These error codes are combined with other error codes for
  * higher error granularity.
+ * e.g. X.509 and PKCS #7 error codes
  * ASN1 is a standard to specify data structures.
  * \{
  */
commit	c9deb184b0bf5e72d5761d06af0db165676e0f8a	[log] [tgz]
author	Nayna Jain <nayna@linux.ibm.com>	Mon Nov 16 19:03:12 2020 +0000
committer	Nick Child <nick.child@ibm.com>	Thu Sep 01 19:45:33 2022 -0500
tree	58e6f98e9854bdbd7ea22fc088568f7072210f0c
parent	e00d6d6b55130c905aee5d1a7fca9b9afa9e53f2 [diff] [blame]