From bdb69d587e79219d7dca6f9aa21f8dd3f05adcac Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Tue, 20 Mar 2012 23:54:16 +0000
Subject: [crypto] Add support for Cryptographic Message Syntax (PKCS #7)

The Cryptographic Message Syntax (PKCS#7) provides a format for
encapsulating digital signatures of arbitrary binary blobs.  A
signature can be generated using

  openssl cms -sign -in <file to sign> -binary -noattr \
  	  -signer <signer>.crt -inkey <signer>.key -certfile <CA>.crt \
	  -outform DER -out <signature>

Signed-off-by: Michael Brown <mcb30@ipxe.org>
---
 src/include/ipxe/asn1.h | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/include/ipxe/asn1.h')

diff --git a/src/include/ipxe/asn1.h b/src/include/ipxe/asn1.h
index 393d5dc34..d83308a2e 100644
--- a/src/include/ipxe/asn1.h
+++ b/src/include/ipxe/asn1.h
@@ -152,6 +152,12 @@ struct asn1_cursor {
 	ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),		\
 	ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 3 )
 
+/** ASN.1 OID for pkcs-signedData (1.2.840.113549.1.7.2) */
+#define ASN1_OID_SIGNEDDATA					\
+	ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),	\
+	ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),	\
+	ASN1_OID_SINGLE ( 7 ), ASN1_OID_SINGLE ( 2 )
+
 /** Define an ASN.1 cursor containing an OID */
 #define ASN1_OID_CURSOR( oid_value ) {				\
 		.data = oid_value,				\
-- 
cgit v1.2.3-55-g7522