Skip to content
Commit 3363fd4d authored by Victor Hsieh's avatar Victor Hsieh
Browse files

Provide a method to verify a PKCS#7 signature 

There is existing PKCS#7 signature used in the kernel for verifying
fs-verity digest. The purpose of this change is to pave the way to
migrate the existing signature check to userspace (and longer term,
migrate away from PKCS#7).

To mitigate the complexity of PKCS#7, only the configuration we're
currently using is supported.

Bug: 253668864
Test: atest FrameworksCoreTests:com.android.internal.security.VerityUtilsTest
Test: Manually added some code to use the API with correct and incorrect
      signatures. Saw the API behave expectedly.
Change-Id: I80bbbd88881303c0b9a261b1fe59e9682e43bcad
Merged-In: I80bbbd88881303c0b9a261b1fe59e9682e43bcad
parent c49d0bfa
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment