mbedtls: add support for pkcs7 PKCS7 signing format is used by OpenPOWER Key Management, which is using mbedtls as its crypto library. This patch adds the limited support of pkcs7 parser and verification to the mbedtls. The limitations are: * Only signed data is supported. * CRLs are not currently handled. * Single signer is supported. Signed-off-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Eric Richter <erichte@linux.ibm.com> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>

commit: c9deb184b0bf5e72d5761d06af0db165676e0f8a [log] [tgz]
author: Nayna Jain <nayna@linux.ibm.com> Mon Nov 16 19:03:12 2020 +0000
committer: Nick Child <nick.child@ibm.com> Thu Sep 01 19:45:33 2022 -0500
tree: 58e6f98e9854bdbd7ea22fc088568f7072210f0c
parent: e00d6d6b55130c905aee5d1a7fca9b9afa9e53f2 [diff] [blame]
diff --git a/scripts/config.py b/scripts/config.py
index f045f98..1e0f827 100755
--- a/scripts/config.py
+++ b/scripts/config.py

@@ -306,6 +306,7 @@
     if name in [
             'MBEDTLS_DEBUG_C', # part of libmbedtls
             'MBEDTLS_NET_C', # part of libmbedtls
+            'MBEDTLS_PKCS7_C', # part of libmbedx509
     ]:
         return False
     return True
commit	c9deb184b0bf5e72d5761d06af0db165676e0f8a	[log] [tgz]
author	Nayna Jain <nayna@linux.ibm.com>	Mon Nov 16 19:03:12 2020 +0000
committer	Nick Child <nick.child@ibm.com>	Thu Sep 01 19:45:33 2022 -0500
tree	58e6f98e9854bdbd7ea22fc088568f7072210f0c
parent	e00d6d6b55130c905aee5d1a7fca9b9afa9e53f2 [diff] [blame]