npm - edhoc - Versions diffs - 1.0.1 → 1.0.3 - Mend

edhoc 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (659) hide show

package/external/libedhoc/externals/mbedtls/library/pkcs7.c ADDED Viewed

@@ -0,0 +1,773 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+#include "common.h"
+#include "mbedtls/build_info.h"
+#if defined(MBEDTLS_PKCS7_C)
+#include "mbedtls/pkcs7.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/asn1.h"
+#include "mbedtls/x509_crt.h"
+#include "mbedtls/x509_crl.h"
+#include "mbedtls/oid.h"
+#include "mbedtls/error.h"
+#if defined(MBEDTLS_FS_IO)
+#include <sys/types.h>
+#include <sys/stat.h>
+#endif
+#include "mbedtls/platform.h"
+#include "mbedtls/platform_util.h"
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+#endif
+#if defined(MBEDTLS_HAVE_TIME_DATE)
+#include <time.h>
+#endif
+/**
+ * Initializes the mbedtls_pkcs7 structure.
+ */
+void mbedtls_pkcs7_init(mbedtls_pkcs7 *pkcs7)
+{
+    memset(pkcs7, 0, sizeof(*pkcs7));
+}
+static int pkcs7_get_next_content_len(unsigned char **p, unsigned char *end,
+                                      size_t *len)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ret = mbedtls_asn1_get_tag(p, end, len, MBEDTLS_ASN1_CONSTRUCTED
+                               | MBEDTLS_ASN1_CONTEXT_SPECIFIC);
+    if (ret != 0) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret);
+    } else if ((size_t) (end - *p) != *len) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO,
+                                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+    return ret;
+}
+/**
+ * version Version
+ * Version ::= INTEGER
+ **/
+static int pkcs7_get_version(unsigned char **p, unsigned char *end, int *ver)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ret = mbedtls_asn1_get_int(p, end, ver);
+    if (ret != 0) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_VERSION, ret);
+    }
+    /* If version != 1, return invalid version */
+    if (*ver != MBEDTLS_PKCS7_SUPPORTED_VERSION) {
+        ret = MBEDTLS_ERR_PKCS7_INVALID_VERSION;
+    }
+    return ret;
+}
+/**
+ * ContentInfo ::= SEQUENCE {
+ *      contentType ContentType,
+ *      content
+ *              [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+ **/
+static int pkcs7_get_content_info_type(unsigned char **p, unsigned char *end,
+                                       unsigned char **seq_end,
+                                       mbedtls_pkcs7_buf *pkcs7)
+{
+    size_t len = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *start = *p;
+    ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
+                               | MBEDTLS_ASN1_SEQUENCE);
+    if (ret != 0) {
+        *p = start;
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret);
+    }
+    *seq_end = *p + len;
+    ret = mbedtls_asn1_get_tag(p, *seq_end, &len, MBEDTLS_ASN1_OID);
+    if (ret != 0) {
+        *p = start;
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret);
+    }
+    pkcs7->tag = MBEDTLS_ASN1_OID;
+    pkcs7->len = len;
+    pkcs7->p = *p;
+    *p += len;
+    return ret;
+}
+/**
+ * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+ *
+ * This is from x509.h
+ **/
+static int pkcs7_get_digest_algorithm(unsigned char **p, unsigned char *end,
+                                      mbedtls_x509_buf *alg)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    if ((ret = mbedtls_asn1_get_alg_null(p, end, alg)) != 0) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_ALG, ret);
+    }
+    return ret;
+}
+/**
+ * DigestAlgorithmIdentifiers :: SET of DigestAlgorithmIdentifier
+ **/
+static int pkcs7_get_digest_algorithm_set(unsigned char **p,
+                                          unsigned char *end,
+                                          mbedtls_x509_buf *alg)
+{
+    size_t len = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
+                               | MBEDTLS_ASN1_SET);
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_ALG, ret);
+    }
+    end = *p + len;
+    ret = mbedtls_asn1_get_alg_null(p, end, alg);
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_ALG, ret);
+    }
+    /** For now, it assumes there is only one digest algorithm specified **/
+    if (*p != end) {
+        return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
+    }
+    return 0;
+}
+/**
+ * certificates :: SET OF ExtendedCertificateOrCertificate,
+ * ExtendedCertificateOrCertificate ::= CHOICE {
+ *      certificate Certificate -- x509,
+ *      extendedCertificate[0] IMPLICIT ExtendedCertificate }
+ * Return number of certificates added to the signed data,
+ * 0 or higher is valid.
+ * Return negative error code for failure.
+ **/
+static int pkcs7_get_certificates(unsigned char **p, unsigned char *end,
+                                  mbedtls_x509_crt *certs)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len1 = 0;
+    size_t len2 = 0;
+    unsigned char *end_set, *end_cert, *start;
+    ret = mbedtls_asn1_get_tag(p, end, &len1, MBEDTLS_ASN1_CONSTRUCTED
+                               | MBEDTLS_ASN1_CONTEXT_SPECIFIC);
+    if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+        return 0;
+    }
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret);
+    }
+    start = *p;
+    end_set = *p + len1;
+    ret = mbedtls_asn1_get_tag(p, end_set, &len2, MBEDTLS_ASN1_CONSTRUCTED
+                               | MBEDTLS_ASN1_SEQUENCE);
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CERT, ret);
+    }
+    end_cert = *p + len2;
+    /*
+     * This is to verify that there is only one signer certificate. It seems it is
+     * not easy to differentiate between the chain vs different signer's certificate.
+     * So, we support only the root certificate and the single signer.
+     * The behaviour would be improved with addition of multiple signer support.
+     */
+    if (end_cert != end_set) {
+        return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
+    }
+    if ((ret = mbedtls_x509_crt_parse_der(certs, start, len1)) < 0) {
+        return MBEDTLS_ERR_PKCS7_INVALID_CERT;
+    }
+    *p = end_cert;
+    /*
+     * Since in this version we strictly support single certificate, and reaching
+     * here implies we have parsed successfully, we return 1.
+     */
+    return 1;
+}
+/**
+ * EncryptedDigest ::= OCTET STRING
+ **/
+static int pkcs7_get_signature(unsigned char **p, unsigned char *end,
+                               mbedtls_pkcs7_buf *signature)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
+    if (ret != 0) {
+        return ret;
+    }
+    signature->tag = MBEDTLS_ASN1_OCTET_STRING;
+    signature->len = len;
+    signature->p = *p;
+    *p = *p + len;
+    return 0;
+}
+static void pkcs7_free_signer_info(mbedtls_pkcs7_signer_info *signer)
+{
+    mbedtls_x509_name *name_cur;
+    mbedtls_x509_name *name_prv;
+    if (signer == NULL) {
+        return;
+    }
+    name_cur = signer->issuer.next;
+    while (name_cur != NULL) {
+        name_prv = name_cur;
+        name_cur = name_cur->next;
+        mbedtls_free(name_prv);
+    }
+    signer->issuer.next = NULL;
+}
+/**
+ * SignerInfo ::= SEQUENCE {
+ *      version Version;
+ *      issuerAndSerialNumber   IssuerAndSerialNumber,
+ *      digestAlgorithm DigestAlgorithmIdentifier,
+ *      authenticatedAttributes
+ *              [0] IMPLICIT Attributes OPTIONAL,
+ *      digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
+ *      encryptedDigest EncryptedDigest,
+ *      unauthenticatedAttributes
+ *              [1] IMPLICIT Attributes OPTIONAL,
+ * Returns 0 if the signerInfo is valid.
+ * Return negative error code for failure.
+ * Structure must not contain vales for authenticatedAttributes
+ * and unauthenticatedAttributes.
+ **/
+static int pkcs7_get_signer_info(unsigned char **p, unsigned char *end,
+                                 mbedtls_pkcs7_signer_info *signer,
+                                 mbedtls_x509_buf *alg)
+{
+    unsigned char *end_signer, *end_issuer_and_sn;
+    int asn1_ret = 0, ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    size_t len = 0;
+    asn1_ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
+                                    | MBEDTLS_ASN1_SEQUENCE);
+    if (asn1_ret != 0) {
+        goto out;
+    }
+    end_signer = *p + len;
+    ret = pkcs7_get_version(p, end_signer, &signer->version);
+    if (ret != 0) {
+        goto out;
+    }
+    asn1_ret = mbedtls_asn1_get_tag(p, end_signer, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
+    if (asn1_ret != 0) {
+        goto out;
+    }
+    end_issuer_and_sn = *p + len;
+    /* Parsing IssuerAndSerialNumber */
+    signer->issuer_raw.p = *p;
+    asn1_ret = mbedtls_asn1_get_tag(p, end_issuer_and_sn, &len,
+                                    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
+    if (asn1_ret != 0) {
+        goto out;
+    }
+    ret  = mbedtls_x509_get_name(p, *p + len, &signer->issuer);
+    if (ret != 0) {
+        goto out;
+    }
+    signer->issuer_raw.len =  *p - signer->issuer_raw.p;
+    ret = mbedtls_x509_get_serial(p, end_issuer_and_sn, &signer->serial);
+    if (ret != 0) {
+        goto out;
+    }
+    /* ensure no extra or missing bytes */
+    if (*p != end_issuer_and_sn) {
+        ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO;
+        goto out;
+    }
+    ret = pkcs7_get_digest_algorithm(p, end_signer, &signer->alg_identifier);
+    if (ret != 0) {
+        goto out;
+    }
+    /* Check that the digest algorithm used matches the one provided earlier */
+    if (signer->alg_identifier.tag != alg->tag ||
+        signer->alg_identifier.len != alg->len ||
+        memcmp(signer->alg_identifier.p, alg->p, alg->len) != 0) {
+        ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO;
+        goto out;
+    }
+    /* Assume authenticatedAttributes is nonexistent */
+    ret = pkcs7_get_digest_algorithm(p, end_signer, &signer->sig_alg_identifier);
+    if (ret != 0) {
+        goto out;
+    }
+    ret = pkcs7_get_signature(p, end_signer, &signer->sig);
+    if (ret != 0) {
+        goto out;
+    }
+    /* Do not permit any unauthenticated attributes */
+    if (*p != end_signer) {
+        ret = MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO;
+    }
+out:
+    if (asn1_ret != 0 || ret != 0) {
+        pkcs7_free_signer_info(signer);
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO,
+                                asn1_ret);
+    }
+    return ret;
+}
+/**
+ * SignerInfos ::= SET of SignerInfo
+ * Return number of signers added to the signed data,
+ * 0 or higher is valid.
+ * Return negative error code for failure.
+ **/
+static int pkcs7_get_signers_info_set(unsigned char **p, unsigned char *end,
+                                      mbedtls_pkcs7_signer_info *signers_set,
+                                      mbedtls_x509_buf *digest_alg)
+{
+    unsigned char *end_set;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    int count = 0;
+    size_t len = 0;
+    ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
+                               | MBEDTLS_ASN1_SET);
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO, ret);
+    }
+    /* Detect zero signers */
+    if (len == 0) {
+        return 0;
+    }
+    end_set = *p + len;
+    ret = pkcs7_get_signer_info(p, end_set, signers_set, digest_alg);
+    if (ret != 0) {
+        return ret;
+    }
+    count++;
+    mbedtls_pkcs7_signer_info *prev = signers_set;
+    while (*p != end_set) {
+        mbedtls_pkcs7_signer_info *signer =
+            mbedtls_calloc(1, sizeof(mbedtls_pkcs7_signer_info));
+        if (!signer) {
+            ret = MBEDTLS_ERR_PKCS7_ALLOC_FAILED;
+            goto cleanup;
+        }
+        ret = pkcs7_get_signer_info(p, end_set, signer, digest_alg);
+        if (ret != 0) {
+            mbedtls_free(signer);
+            goto cleanup;
+        }
+        prev->next = signer;
+        prev = signer;
+        count++;
+    }
+    return count;
+cleanup:
+    pkcs7_free_signer_info(signers_set);
+    mbedtls_pkcs7_signer_info *signer = signers_set->next;
+    while (signer != NULL) {
+        prev = signer;
+        signer = signer->next;
+        pkcs7_free_signer_info(prev);
+        mbedtls_free(prev);
+    }
+    signers_set->next = NULL;
+    return ret;
+}
+/**
+ * SignedData ::= SEQUENCE {
+ *      version Version,
+ *      digestAlgorithms DigestAlgorithmIdentifiers,
+ *      contentInfo ContentInfo,
+ *      certificates
+ *              [0] IMPLICIT ExtendedCertificatesAndCertificates
+ *                  OPTIONAL,
+ *      crls
+ *              [0] IMPLICIT CertificateRevocationLists OPTIONAL,
+ *      signerInfos SignerInfos }
+ */
+static int pkcs7_get_signed_data(unsigned char *buf, size_t buflen,
+                                 mbedtls_pkcs7_signed_data *signed_data)
+{
+    unsigned char *p = buf;
+    unsigned char *end = buf + buflen;
+    unsigned char *end_content_info = NULL;
+    size_t len = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    mbedtls_md_type_t md_alg;
+    ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
+                               | MBEDTLS_ASN1_SEQUENCE);
+    if (ret != 0) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret);
+    }
+    if (p + len != end) {
+        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT,
+                                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+    }
+    /* Get version of signed data */
+    ret = pkcs7_get_version(&p, end, &signed_data->version);
+    if (ret != 0) {
+        return ret;
+    }
+    /* Get digest algorithm */
+    ret = pkcs7_get_digest_algorithm_set(&p, end,
+                                         &signed_data->digest_alg_identifiers);
+    if (ret != 0) {
+        return ret;
+    }
+    ret = mbedtls_oid_get_md_alg(&signed_data->digest_alg_identifiers, &md_alg);
+    if (ret != 0) {
+        return MBEDTLS_ERR_PKCS7_INVALID_ALG;
+    }
+    mbedtls_pkcs7_buf content_type;
+    memset(&content_type, 0, sizeof(content_type));
+    ret = pkcs7_get_content_info_type(&p, end, &end_content_info, &content_type);
+    if (ret != 0) {
+        return ret;
+    }
+    if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DATA, &content_type)) {
+        return MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO;
+    }
+    if (p != end_content_info) {
+        /* Determine if valid content is present */
+        ret = mbedtls_asn1_get_tag(&p,
+                                   end_content_info,
+                                   &len,
+                                   MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC);
+        if (ret != 0) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret);
+        }
+        p += len;
+        if (p != end_content_info) {
+            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret);
+        }
+        /* Valid content is present - this is not supported */
+        return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
+    }
+    /* Look for certificates, there may or may not be any */
+    mbedtls_x509_crt_init(&signed_data->certs);
+    ret = pkcs7_get_certificates(&p, end, &signed_data->certs);
+    if (ret < 0) {
+        return ret;
+    }
+    signed_data->no_of_certs = ret;
+    /*
+     * Currently CRLs are not supported. If CRL exist, the parsing will fail
+     * at next step of getting signers info and return error as invalid
+     * signer info.
+     */
+    signed_data->no_of_crls = 0;
+    /* Get signers info */
+    ret = pkcs7_get_signers_info_set(&p,
+                                     end,
+                                     &signed_data->signers,
+                                     &signed_data->digest_alg_identifiers);
+    if (ret < 0) {
+        return ret;
+    }
+    signed_data->no_of_signers = ret;
+    /* Don't permit trailing data */
+    if (p != end) {
+        return MBEDTLS_ERR_PKCS7_INVALID_FORMAT;
+    }
+    return 0;
+}
+int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf,
+                            const size_t buflen)
+{
+    unsigned char *p;
+    unsigned char *end;
+    size_t len = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    if (pkcs7 == NULL) {
+        return MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA;
+    }
+    /* make an internal copy of the buffer for parsing */
+    pkcs7->raw.p = p = mbedtls_calloc(1, buflen);
+    if (pkcs7->raw.p == NULL) {
+        ret = MBEDTLS_ERR_PKCS7_ALLOC_FAILED;
+        goto out;
+    }
+    memcpy(p, buf, buflen);
+    pkcs7->raw.len = buflen;
+    end = p + buflen;
+    ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
+                               | MBEDTLS_ASN1_SEQUENCE);
+    if (ret != 0) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret);
+        goto out;
+    }
+    if ((size_t) (end - p) != len) {
+        ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT,
+                                MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
+        goto out;
+    }
+    if ((ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OID)) != 0) {
+        if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
+            goto out;
+        }
+        p = pkcs7->raw.p;
+        len = buflen;
+        goto try_data;
+    }
+    if (MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_SIGNED_DATA, p, len)) {
+        /* OID is not MBEDTLS_OID_PKCS7_SIGNED_DATA, which is the only supported feature */
+        if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_DATA, p, len)
+            || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_ENCRYPTED_DATA, p, len)
+            || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_ENVELOPED_DATA, p, len)
+            || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_SIGNED_AND_ENVELOPED_DATA, p, len)
+            || !MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_DIGESTED_DATA, p, len)) {
+            /* OID is valid according to the spec, but unsupported */
+            ret =  MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
+        } else {
+            /* OID is invalid according to the spec */
+            ret = MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA;
+        }
+        goto out;
+    }
+    p += len;
+    ret = pkcs7_get_next_content_len(&p, end, &len);
+    if (ret != 0) {
+        goto out;
+    }
+    /* ensure no extra/missing data */
+    if (p + len != end) {
+        ret = MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA;
+        goto out;
+    }
+try_data:
+    ret = pkcs7_get_signed_data(p, len, &pkcs7->signed_data);
+    if (ret != 0) {
+        goto out;
+    }
+    ret = MBEDTLS_PKCS7_SIGNED_DATA;
+out:
+    if (ret < 0) {
+        mbedtls_pkcs7_free(pkcs7);
+    }
+    return ret;
+}
+static int mbedtls_pkcs7_data_or_hash_verify(mbedtls_pkcs7 *pkcs7,
+                                             const mbedtls_x509_crt *cert,
+                                             const unsigned char *data,
+                                             size_t datalen,
+                                             const int is_data_hash)
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    unsigned char *hash;
+    mbedtls_pk_context pk_cxt = cert->pk;
+    const mbedtls_md_info_t *md_info;
+    mbedtls_md_type_t md_alg;
+    mbedtls_pkcs7_signer_info *signer;
+    if (pkcs7->signed_data.no_of_signers == 0) {
+        return MBEDTLS_ERR_PKCS7_INVALID_CERT;
+    }
+    if (mbedtls_x509_time_is_past(&cert->valid_to) ||
+        mbedtls_x509_time_is_future(&cert->valid_from)) {
+        return MBEDTLS_ERR_PKCS7_CERT_DATE_INVALID;
+    }
+    ret = mbedtls_oid_get_md_alg(&pkcs7->signed_data.digest_alg_identifiers, &md_alg);
+    if (ret != 0) {
+        return ret;
+    }
+    md_info = mbedtls_md_info_from_type(md_alg);
+    if (md_info == NULL) {
+        return MBEDTLS_ERR_PKCS7_VERIFY_FAIL;
+    }
+    hash = mbedtls_calloc(mbedtls_md_get_size(md_info), 1);
+    if (hash == NULL) {
+        return MBEDTLS_ERR_PKCS7_ALLOC_FAILED;
+    }
+    /* BEGIN must free hash before jumping out */
+    if (is_data_hash) {
+        if (datalen != mbedtls_md_get_size(md_info)) {
+            ret = MBEDTLS_ERR_PKCS7_VERIFY_FAIL;
+        } else {
+            memcpy(hash, data, datalen);
+        }
+    } else {
+        ret = mbedtls_md(md_info, data, datalen, hash);
+    }
+    if (ret != 0) {
+        mbedtls_free(hash);
+        return MBEDTLS_ERR_PKCS7_VERIFY_FAIL;
+    }
+    /* assume failure */
+    ret = MBEDTLS_ERR_PKCS7_VERIFY_FAIL;
+    /*
+     * Potential TODOs
+     * Currently we iterate over all signers and return success if any of them
+     * verify.
+     *
+     * However, we could make this better by checking against the certificate's
+     * identification and SignerIdentifier fields first. That would also allow
+     * us to distinguish between 'no signature for key' and 'signature for key
+     * failed to validate'.
+     */
+    for (signer = &pkcs7->signed_data.signers; signer; signer = signer->next) {
+        ret = mbedtls_pk_verify(&pk_cxt, md_alg, hash,
+                                mbedtls_md_get_size(md_info),
+                                signer->sig.p, signer->sig.len);
+        if (ret == 0) {
+            break;
+        }
+    }
+    mbedtls_free(hash);
+    /* END must free hash before jumping out */
+    return ret;
+}
+int mbedtls_pkcs7_signed_data_verify(mbedtls_pkcs7 *pkcs7,
+                                     const mbedtls_x509_crt *cert,
+                                     const unsigned char *data,
+                                     size_t datalen)
+{
+    if (data == NULL) {
+        return MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA;
+    }
+    return mbedtls_pkcs7_data_or_hash_verify(pkcs7, cert, data, datalen, 0);
+}
+int mbedtls_pkcs7_signed_hash_verify(mbedtls_pkcs7 *pkcs7,
+                                     const mbedtls_x509_crt *cert,
+                                     const unsigned char *hash,
+                                     size_t hashlen)
+{
+    if (hash == NULL) {
+        return MBEDTLS_ERR_PKCS7_BAD_INPUT_DATA;
+    }
+    return mbedtls_pkcs7_data_or_hash_verify(pkcs7, cert, hash, hashlen, 1);
+}
+/*
+ * Unallocate all pkcs7 data
+ */
+void mbedtls_pkcs7_free(mbedtls_pkcs7 *pkcs7)
+{
+    mbedtls_pkcs7_signer_info *signer_cur;
+    mbedtls_pkcs7_signer_info *signer_prev;
+    if (pkcs7 == NULL || pkcs7->raw.p == NULL) {
+        return;
+    }
+    mbedtls_free(pkcs7->raw.p);
+    mbedtls_x509_crt_free(&pkcs7->signed_data.certs);
+    mbedtls_x509_crl_free(&pkcs7->signed_data.crl);
+    signer_cur = pkcs7->signed_data.signers.next;
+    pkcs7_free_signer_info(&pkcs7->signed_data.signers);
+    while (signer_cur != NULL) {
+        signer_prev = signer_cur;
+        signer_cur = signer_prev->next;
+        pkcs7_free_signer_info(signer_prev);
+        mbedtls_free(signer_prev);
+    }
+    pkcs7->raw.p = NULL;
+}
+#endif