Symbols ![]()
loading...
Files ![]()
loading...
mbedtls_pkcs7_signed_hash_verify() function
Verification of PKCS #7 signature against a caller-supplied certificate. For each signer in the PKCS structure, this function validates a signature over the supplied hash, using the supplied certificate and the same digest algorithm as specified by the signer. Verification succeeds if any signature is good. This function does not use the certificates held within the PKCS #7 structure itself, and does not check that the certificate is signed by a trusted certification authority.
Syntax
int mbedtls_pkcs7_signed_hash_verify(mbedtls_pkcs7 *pkcs7,
const mbedtls_x509_crt *cert,
const unsigned char *hash,
size_t hashlen);
Implemented in ![]()
pkcs7.c:733
Return value
0 if the signature verifies, or a negative error code on failure.
Notes
This function is different from mbedtls_pkcs7_signed_data_verify() in that it is directly passed the hash of the data.
Related Functions
Found 5 other functions taking a ![]()
mbedtls_pkcs7
argument:
Function
Description
Unallocate all PKCS #7 data and zeroize the memory. It doesn't free \p pkcs7 itself. This should be done by the caller.
Initialize mbedtls_pkcs7 structure.
Parse a single DER formatted PKCS #7 detached signature.
Verification of PKCS #7 signature against a caller-supplied certificate. For each signer in the PKCS structure, this function computes a signature over the supplied data, using the supplied certificate and the same digest algorithm as specified by the signer. It then compares this signature against the signer's signature; verification succeeds if any comparison matches. This function does not use the certificates held within the PKCS #7 structure itself, and does not check that the certificate is signed by a trusted certification authority.
References
Code
Location
Call Tree
mbedtls_pkcs7_signed_hash_verify() calls 1 function:
Data Use
mbedtls_pkcs7_signed_hash_verify():