Extend crypto SP to support signature verification The UEFI service of SMM gateway needs pkcs7 signature verification to authorize variable accesses. Instead of duplicating the mbedtls entities, crypto SP will provide an interface to do the signature verification. Signed-off-by: Gabor Toth <gabor.toth2@arm.com> Change-Id: I7b0472435ac1620c4fe42d0592e1c64faaf10df7

commit: ab7db21cfc94e8f2da05d17ba4f99a56fdff059c [log] [tgz]
author: Gabor Toth <gabor.toth2@arm.com> Fri Aug 18 16:08:12 2023 +0200
committer: Gyorgy Szing <Gyorgy.Szing@arm.com> Sun Jan 07 15:28:39 2024 +0100
tree: d76d8a0fae01f764461cd7ccbd7a0af6188fcba1
parent: 6e4a90379c989e29afba8169f2d08d7bd125ce43 [diff] [blame]
diff --git a/protocols/service/crypto/packed-c/opcodes.h b/protocols/service/crypto/packed-c/opcodes.h
index 5aebf2f..35b8159 100644
--- a/protocols/service/crypto/packed-c/opcodes.h
+++ b/protocols/service/crypto/packed-c/opcodes.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -27,6 +27,7 @@
 #define TS_CRYPTO_OPCODE_GET_KEY_ATTRIBUTES     (TS_CRYPTO_OPCODE_BASE + 15)
 #define TS_CRYPTO_OPCODE_SIGN_MESSAGE           (TS_CRYPTO_OPCODE_BASE + 16)
 #define TS_CRYPTO_OPCODE_VERIFY_MESSAGE         (TS_CRYPTO_OPCODE_BASE + 17)
+#define TS_CRYPTO_OPCODE_VERIFY_PKCS7_SIGNATURE (TS_CRYPTO_OPCODE_BASE + 18)
 
 /* Hash operations */
 #define TS_CRYPTO_OPCODE_HASH_BASE              (0x0200)
commit	ab7db21cfc94e8f2da05d17ba4f99a56fdff059c	[log] [tgz]
author	Gabor Toth <gabor.toth2@arm.com>	Fri Aug 18 16:08:12 2023 +0200
committer	Gyorgy Szing <Gyorgy.Szing@arm.com>	Sun Jan 07 15:28:39 2024 +0100
tree	d76d8a0fae01f764461cd7ccbd7a0af6188fcba1
parent	6e4a90379c989e29afba8169f2d08d7bd125ce43 [diff] [blame]