The secureboot framework does not support RSA-PSS.


任云青
 

I would like to create anissue in bugzilla.

The detail is:

The secureboot framework finally invokes PKCS7_verifyof openssl. It has been verified that PKCS7_verify does not support verifying the contents with a RSA-PSS signature. The CMS_verify interface supports RSA-PSS. I would like to ask if the edk2 secureboot framework has any plans to support RSA-PSS?

For this issue, I do not have a patch to fix it...

Thank you.



Join devel@edk2.groups.io to automatically receive all group messages.