]> git.dujemihanovic.xyz Git - u-boot.git/commit
lib: crypto: export and enhance pkcs7_verify_one()
authorAKASHI Takahiro <takahiro.akashi@linaro.org>
Tue, 21 Jul 2020 10:35:21 +0000 (19:35 +0900)
committerHeinrich Schuchardt <xypron.glpk@gmx.de>
Wed, 22 Jul 2020 10:37:17 +0000 (12:37 +0200)
commit5ee81c6e3f9f6f851c69b1e3d2661d96671d1dd1
treebb1fb5d8a2f4165b015201d7803cc530368cced4
parent05329fa4c0c7774d01945d94ad2e9079a338baa8
lib: crypto: export and enhance pkcs7_verify_one()

The function, pkcs7_verify_one(), will be utilized to rework signature
verification logic aiming to support intermediate certificates in
"chain of trust."

To do that, its function interface is expanded, adding an extra argument
which is expected to return the last certificate in trusted chain.
Then, this last one must further be verified with signature database, db
and/or dbx.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
include/crypto/pkcs7.h
lib/crypto/pkcs7_verify.c