mbedtls: add support for pkcs7
PKCS7 signing format is used by OpenPOWER Key Management, which is using mbedtls as its crypto library. This patch adds the limited support of pkcs7 parser and verification to the mbedtls. The limitations are: * Only signed data is supported. * CRLs are not currently handled. * Single signer is supported. Signed-off-by: Daniel Axtens <dja@axtens.net> Signed-off-by: Eric Richter <erichte@linux.ibm.com> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
This commit is contained in:
Nayna Jain
Nick Child
parent
e00d6d6b55
commit
c9deb184b0
12 changed files with 1388 additions and 1 deletions
|
|
@ -2660,6 +2660,21 @@
|
|||
*/
|
||||
#define MBEDTLS_PKCS5_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PKCS7_C
|
||||
*
|
||||
* Enable PKCS7 core for using PKCS7 formatted signatures.
|
||||
* RFC Link - https://tools.ietf.org/html/rfc2315
|
||||
*
|
||||
* Module: library/pkcs7.c
|
||||
*
|
||||
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_OID_C, MBEDTLS_PK_PARSE_C,
|
||||
* MBEDTLS_X509_CRT_PARSE_C MBEDTLS_X509_CRL_PARSE_C, MBEDTLS_BIGNUM_C
|
||||
*
|
||||
* This module is required for the PKCS7 parsing modules.
|
||||
*/
|
||||
#define MBEDTLS_PKCS7_C
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_PKCS12_C
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue