mbedtls: add support for pkcs7 PKCS7 signing format is used by OpenPOWER Key Management, which is using mbedtls as its crypto library. This patch adds the limited support of pkcs7 parser and verification to the mbedtls. The limitations are: * Only signed data is supported. * CRLs are not currently handled. * Single signer is supported. Signed-off-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Eric Richter <erichte@linux.ibm.com> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>

commit: c9deb184b0bf5e72d5761d06af0db165676e0f8a [log] [tgz]
author: Nayna Jain <nayna@linux.ibm.com> Mon Nov 16 19:03:12 2020 +0000
committer: Nick Child <nick.child@ibm.com> Thu Sep 01 19:45:33 2022 -0500
tree: 58e6f98e9854bdbd7ea22fc088568f7072210f0c
parent: e00d6d6b55130c905aee5d1a7fca9b9afa9e53f2 [diff] [blame]
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 8b2b9ea..0850432 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h

@@ -95,6 +95,7 @@
  * ECP       4   10 (Started from top)
  * MD        5   5
  * HKDF      5   1 (Started from top)
+ * PKCS7     5   12 (Started from 0x5300)
  * SSL       5   2 (Started from 0x5F00)
  * CIPHER    6   8 (Started from 0x6080)
  * SSL       6   22 (Started from top, plus 0x6000)
commit	c9deb184b0bf5e72d5761d06af0db165676e0f8a	[log] [tgz]
author	Nayna Jain <nayna@linux.ibm.com>	Mon Nov 16 19:03:12 2020 +0000
committer	Nick Child <nick.child@ibm.com>	Thu Sep 01 19:45:33 2022 -0500
tree	58e6f98e9854bdbd7ea22fc088568f7072210f0c
parent	e00d6d6b55130c905aee5d1a7fca9b9afa9e53f2 [diff] [blame]