diff options
Diffstat (limited to 'roms/edk2/BaseTools/Source/Python/Pkcs7Sign')
11 files changed, 688 insertions, 0 deletions
diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py new file mode 100644 index 000000000..5d4c3a859 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/Pkcs7Sign.py @@ -0,0 +1,280 @@ +## @file
+# This tool adds EFI_FIRMWARE_IMAGE_AUTHENTICATION for a binary.
+#
+# This tool only support CertType - EFI_CERT_TYPE_PKCS7_GUID
+# {0x4aafd29d, 0x68df, 0x49ee, {0x8a, 0xa9, 0x34, 0x7d, 0x37, 0x56, 0x65, 0xa7}}
+#
+# This tool has been tested with OpenSSL.
+#
+# Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+
+'''
+Pkcs7Sign
+'''
+from __future__ import print_function
+
+import os
+import sys
+import argparse
+import subprocess
+import uuid
+import struct
+import collections
+from Common.BuildVersion import gBUILD_VERSION
+
+#
+# Globals for help information
+#
+__prog__ = 'Pkcs7Sign'
+__version__ = '%s Version %s' % (__prog__, '0.9 ' + gBUILD_VERSION)
+__copyright__ = 'Copyright (c) 2016, Intel Corporation. All rights reserved.'
+__usage__ = '%s -e|-d [options] <input_file>' % (__prog__)
+
+#
+# GUID for PKCS7 from UEFI Specification
+#
+WIN_CERT_REVISION = 0x0200
+WIN_CERT_TYPE_EFI_GUID = 0x0EF1
+EFI_CERT_TYPE_PKCS7_GUID = uuid.UUID('{4aafd29d-68df-49ee-8aa9-347d375665a7}')
+
+#
+# typedef struct _WIN_CERTIFICATE {
+# UINT32 dwLength;
+# UINT16 wRevision;
+# UINT16 wCertificateType;
+# //UINT8 bCertificate[ANYSIZE_ARRAY];
+# } WIN_CERTIFICATE;
+#
+# typedef struct _WIN_CERTIFICATE_UEFI_GUID {
+# WIN_CERTIFICATE Hdr;
+# EFI_GUID CertType;
+# //UINT8 CertData[ANYSIZE_ARRAY];
+# } WIN_CERTIFICATE_UEFI_GUID;
+#
+# typedef struct {
+# UINT64 MonotonicCount;
+# WIN_CERTIFICATE_UEFI_GUID AuthInfo;
+# } EFI_FIRMWARE_IMAGE_AUTHENTICATION;
+#
+
+#
+# Filename of test signing private cert that is stored in same directory as this tool
+#
+TEST_SIGNER_PRIVATE_CERT_FILENAME = 'TestCert.pem'
+TEST_OTHER_PUBLIC_CERT_FILENAME = 'TestSub.pub.pem'
+TEST_TRUSTED_PUBLIC_CERT_FILENAME = 'TestRoot.pub.pem'
+
+if __name__ == '__main__':
+ #
+ # Create command line argument parser object
+ #
+ parser = argparse.ArgumentParser(prog=__prog__, usage=__usage__, description=__copyright__, conflict_handler='resolve')
+ group = parser.add_mutually_exclusive_group(required=True)
+ group.add_argument("-e", action="store_true", dest='Encode', help='encode file')
+ group.add_argument("-d", action="store_true", dest='Decode', help='decode file')
+ group.add_argument("--version", action='version', version=__version__)
+ parser.add_argument("-o", "--output", dest='OutputFile', type=str, metavar='filename', help="specify the output filename", required=True)
+ parser.add_argument("--signer-private-cert", dest='SignerPrivateCertFile', type=argparse.FileType('rb'), help="specify the signer private cert filename. If not specified, a test signer private cert is used.")
+ parser.add_argument("--other-public-cert", dest='OtherPublicCertFile', type=argparse.FileType('rb'), help="specify the other public cert filename. If not specified, a test other public cert is used.")
+ parser.add_argument("--trusted-public-cert", dest='TrustedPublicCertFile', type=argparse.FileType('rb'), help="specify the trusted public cert filename. If not specified, a test trusted public cert is used.")
+ parser.add_argument("--monotonic-count", dest='MonotonicCountStr', type=str, help="specify the MonotonicCount in FMP capsule. If not specified, 0 is used.")
+ parser.add_argument("--signature-size", dest='SignatureSizeStr', type=str, help="specify the signature size for decode process.")
+ parser.add_argument("-v", "--verbose", dest='Verbose', action="store_true", help="increase output messages")
+ parser.add_argument("-q", "--quiet", dest='Quiet', action="store_true", help="reduce output messages")
+ parser.add_argument("--debug", dest='Debug', type=int, metavar='[0-9]', choices=range(0, 10), default=0, help="set debug level")
+ parser.add_argument(metavar="input_file", dest='InputFile', type=argparse.FileType('rb'), help="specify the input filename")
+
+ #
+ # Parse command line arguments
+ #
+ args = parser.parse_args()
+
+ #
+ # Generate file path to Open SSL command
+ #
+ OpenSslCommand = 'openssl'
+ try:
+ OpenSslPath = os.environ['OPENSSL_PATH']
+ OpenSslCommand = os.path.join(OpenSslPath, OpenSslCommand)
+ if ' ' in OpenSslCommand:
+ OpenSslCommand = '"' + OpenSslCommand + '"'
+ except:
+ pass
+
+ #
+ # Verify that Open SSL command is available
+ #
+ try:
+ Process = subprocess.Popen('%s version' % (OpenSslCommand), stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+ except:
+ print('ERROR: Open SSL command not available. Please verify PATH or set OPENSSL_PATH')
+ sys.exit(1)
+
+ Version = Process.communicate()
+ if Process.returncode != 0:
+ print('ERROR: Open SSL command not available. Please verify PATH or set OPENSSL_PATH')
+ sys.exit(Process.returncode)
+ print(Version[0].decode())
+
+ #
+ # Read input file into a buffer and save input filename
+ #
+ args.InputFileName = args.InputFile.name
+ args.InputFileBuffer = args.InputFile.read()
+ args.InputFile.close()
+
+ #
+ # Save output filename and check if path exists
+ #
+ OutputDir = os.path.dirname(args.OutputFile)
+ if not os.path.exists(OutputDir):
+ print('ERROR: The output path does not exist: %s' % OutputDir)
+ sys.exit(1)
+ args.OutputFileName = args.OutputFile
+
+ try:
+ if args.MonotonicCountStr.upper().startswith('0X'):
+ args.MonotonicCountValue = int(args.MonotonicCountStr, 16)
+ else:
+ args.MonotonicCountValue = int(args.MonotonicCountStr)
+ except:
+ args.MonotonicCountValue = int(0)
+
+ if args.Encode:
+ #
+ # Save signer private cert filename and close private cert file
+ #
+ try:
+ args.SignerPrivateCertFileName = args.SignerPrivateCertFile.name
+ args.SignerPrivateCertFile.close()
+ except:
+ try:
+ #
+ # Get path to currently executing script or executable
+ #
+ if hasattr(sys, 'frozen'):
+ Pkcs7ToolPath = sys.executable
+ else:
+ Pkcs7ToolPath = sys.argv[0]
+ if Pkcs7ToolPath.startswith('"'):
+ Pkcs7ToolPath = Pkcs7ToolPath[1:]
+ if Pkcs7ToolPath.endswith('"'):
+ Pkcs7ToolPath = RsaToolPath[:-1]
+ args.SignerPrivateCertFileName = os.path.join(os.path.dirname(os.path.realpath(Pkcs7ToolPath)), TEST_SIGNER_PRIVATE_CERT_FILENAME)
+ args.SignerPrivateCertFile = open(args.SignerPrivateCertFileName, 'rb')
+ args.SignerPrivateCertFile.close()
+ except:
+ print('ERROR: test signer private cert file %s missing' % (args.SignerPrivateCertFileName))
+ sys.exit(1)
+
+ #
+ # Save other public cert filename and close public cert file
+ #
+ try:
+ args.OtherPublicCertFileName = args.OtherPublicCertFile.name
+ args.OtherPublicCertFile.close()
+ except:
+ try:
+ #
+ # Get path to currently executing script or executable
+ #
+ if hasattr(sys, 'frozen'):
+ Pkcs7ToolPath = sys.executable
+ else:
+ Pkcs7ToolPath = sys.argv[0]
+ if Pkcs7ToolPath.startswith('"'):
+ Pkcs7ToolPath = Pkcs7ToolPath[1:]
+ if Pkcs7ToolPath.endswith('"'):
+ Pkcs7ToolPath = RsaToolPath[:-1]
+ args.OtherPublicCertFileName = os.path.join(os.path.dirname(os.path.realpath(Pkcs7ToolPath)), TEST_OTHER_PUBLIC_CERT_FILENAME)
+ args.OtherPublicCertFile = open(args.OtherPublicCertFileName, 'rb')
+ args.OtherPublicCertFile.close()
+ except:
+ print('ERROR: test other public cert file %s missing' % (args.OtherPublicCertFileName))
+ sys.exit(1)
+
+ format = "%dsQ" % len(args.InputFileBuffer)
+ FullInputFileBuffer = struct.pack(format, args.InputFileBuffer, args.MonotonicCountValue)
+
+ #
+ # Sign the input file using the specified private key and capture signature from STDOUT
+ #
+ Process = subprocess.Popen('%s smime -sign -binary -signer "%s" -outform DER -md sha256 -certfile "%s"' % (OpenSslCommand, args.SignerPrivateCertFileName, args.OtherPublicCertFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+ Signature = Process.communicate(input=FullInputFileBuffer)[0]
+ if Process.returncode != 0:
+ sys.exit(Process.returncode)
+
+ #
+ # Write output file that contains Signature, and Input data
+ #
+ args.OutputFile = open(args.OutputFileName, 'wb')
+ args.OutputFile.write(Signature)
+ args.OutputFile.write(args.InputFileBuffer)
+ args.OutputFile.close()
+
+ if args.Decode:
+ #
+ # Save trusted public cert filename and close public cert file
+ #
+ try:
+ args.TrustedPublicCertFileName = args.TrustedPublicCertFile.name
+ args.TrustedPublicCertFile.close()
+ except:
+ try:
+ #
+ # Get path to currently executing script or executable
+ #
+ if hasattr(sys, 'frozen'):
+ Pkcs7ToolPath = sys.executable
+ else:
+ Pkcs7ToolPath = sys.argv[0]
+ if Pkcs7ToolPath.startswith('"'):
+ Pkcs7ToolPath = Pkcs7ToolPath[1:]
+ if Pkcs7ToolPath.endswith('"'):
+ Pkcs7ToolPath = RsaToolPath[:-1]
+ args.TrustedPublicCertFileName = os.path.join(os.path.dirname(os.path.realpath(Pkcs7ToolPath)), TEST_TRUSTED_PUBLIC_CERT_FILENAME)
+ args.TrustedPublicCertFile = open(args.TrustedPublicCertFileName, 'rb')
+ args.TrustedPublicCertFile.close()
+ except:
+ print('ERROR: test trusted public cert file %s missing' % (args.TrustedPublicCertFileName))
+ sys.exit(1)
+
+ if not args.SignatureSizeStr:
+ print("ERROR: please use the option --signature-size to specify the size of the signature data!")
+ sys.exit(1)
+ else:
+ if args.SignatureSizeStr.upper().startswith('0X'):
+ SignatureSize = int(args.SignatureSizeStr, 16)
+ else:
+ SignatureSize = int(args.SignatureSizeStr)
+ if SignatureSize < 0:
+ print("ERROR: The value of option --signature-size can't be set to negative value!")
+ sys.exit(1)
+ elif SignatureSize > len(args.InputFileBuffer):
+ print("ERROR: The value of option --signature-size is exceed the size of the input file !")
+ sys.exit(1)
+
+ args.SignatureBuffer = args.InputFileBuffer[0:SignatureSize]
+ args.InputFileBuffer = args.InputFileBuffer[SignatureSize:]
+
+ format = "%dsQ" % len(args.InputFileBuffer)
+ FullInputFileBuffer = struct.pack(format, args.InputFileBuffer, args.MonotonicCountValue)
+
+ #
+ # Save output file contents from input file
+ #
+ open(args.OutputFileName, 'wb').write(FullInputFileBuffer)
+
+ #
+ # Verify signature
+ #
+ Process = subprocess.Popen('%s smime -verify -inform DER -content %s -CAfile %s' % (OpenSslCommand, args.OutputFileName, args.TrustedPublicCertFileName), stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
+ Process.communicate(input=args.SignatureBuffer)[0]
+ if Process.returncode != 0:
+ print('ERROR: Verification failed')
+ os.remove (args.OutputFileName)
+ sys.exit(Process.returncode)
+
+ open(args.OutputFileName, 'wb').write(args.InputFileBuffer)
diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/Readme.md b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/Readme.md new file mode 100644 index 000000000..a7b9caf52 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/Readme.md @@ -0,0 +1,158 @@ +# Step by step to generate sample self-signed X.509 certificate chain and sign data with PKCS7 structure
+
+This readme demonstrates how to generate 3-layer X.509 certificate chain (RootCA -> IntermediateCA -> SigningCert) with OpenSSL commands, and user MUST set a UNIQUE Subject Name ("Common Name") on these three different certificates.
+
+## How to generate a self-signed X.509 certificate chain via OPENSSL
+* Set OPENSSL environment.
+
+NOTE: Below steps are required for Windows. Linux may already have the OPENSSL environment correctly.
+
+ set OPENSSL_HOME=c:\home\openssl\openssl-[version]
+ set OPENSSL_CONF=%OPENSSL_HOME%\apps\openssl.cnf
+
+When a user uses OpenSSL (req or ca command) to generate the certificates, OpenSSL will use the openssl.cnf file as the configuration data (can use "-config path/to/openssl.cnf" to describe the specific config file).
+
+The user need check the openssl.cnf file, to find your CA path setting, e.g. check if the path exists in [ CA_default ] section.
+
+ [ CA_default ]
+ dir = ./demoCA # Where everything is kept
+
+You may need the following steps for initialization:
+
+ rd ./demoCA /S/Q
+ mkdir ./demoCA
+ echo.>./demoCA/index.txt
+ echo 01 > ./demoCA/serial
+ mkdir ./demoCA/newcerts
+
+OpenSSL will apply the options from the specified sections in openssl.cnf when creating certificates or certificate signing requests. Make sure your configuration in openssl.cnf is correct and rational for certificate constraints.
+The following sample sections were used when generating test certificates in this readme.
+ ...
+ [ req ]
+ default_bits = 2048
+ default_keyfile = privkey.pem
+ distinguished_name = req_distinguished_name
+ attributes = req_attributes
+ x509_extensions = v3_ca # The extensions to add to the self signed cert
+ ...
+ [ v3_ca ]
+ # Extensions for a typical Root CA.
+ subjectKeyIdentifier=hash
+ authorityKeyIdentifier=keyid:always,issuer
+ basicConstraints = critical,CA:true
+ keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+ ...
+ [ v3_intermediate_ca ]
+ # Extensions for a typical intermediate CA.
+ subjectKeyIdentifier = hash
+ authorityKeyIdentifier = keyid:always,issuer
+ basicConstraints = critical, CA:true
+ keyUsage = critical, digitalSignature, cRLSign, keyCertSign
+ ...
+ [ usr_cert ]
+ # Extensions for user end certificates.
+ basicConstraints = CA:FALSE
+ nsCertType = client, email
+ subjectKeyIdentifier = hash
+ authorityKeyIdentifier = keyid,issuer
+ keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment
+ extendedKeyUsage = clientAuth, emailProtection
+ ...
+
+* Generate the certificate chain:
+
+NOTE: User MUST set a UNIQUE "Common Name" on the different certificate
+
+1) Generate the Root Pair:
+
+Generate a root key:
+
+ openssl genrsa -aes256 -out TestRoot.key 2048
+
+Generate a self-signed root certificate:
+
+ openssl req -extensions v3_ca -new -x509 -days 3650 -key TestRoot.key -out TestRoot.crt
+ openssl x509 -in TestRoot.crt -out TestRoot.cer -outform DER
+ openssl x509 -inform DER -in TestRoot.cer -outform PEM -out TestRoot.pub.pem
+
+2) Generate the Intermediate Pair:
+
+Generate the intermediate key:
+
+ openssl genrsa -aes256 -out TestSub.key 2048
+
+Generate the intermediate certificate:
+
+ openssl req -new -days 3650 -key TestSub.key -out TestSub.csr
+ openssl ca -extensions v3_intermediate_ca -in TestSub.csr -days 3650 -out TestSub.crt -cert TestRoot.crt -keyfile TestRoot.key
+ openssl x509 -in TestSub.crt -out TestSub.cer -outform DER
+ openssl x509 -inform DER -in TestSub.cer -outform PEM -out TestSub.pub.pem
+
+3) Generate User Key Pair for Data Signing:
+
+Generate User key:
+
+ openssl genrsa -aes256 -out TestCert.key 2048
+
+Generate User certificate:
+
+ openssl req -new -days 3650 -key TestCert.key -out TestCert.csr
+ openssl ca -extensions usr_cert -in TestCert.csr -days 3650 -out TestCert.crt -cert TestSub.crt -keyfile TestSub.key
+ openssl x509 -in TestCert.crt -out TestCert.cer -outform DER
+ openssl x509 -inform DER -in TestCert.cer -outform PEM -out TestCert.pub.pem
+
+Convert Key and Certificate for signing. Password is removed with -nodes flag for convenience in this sample.
+
+ openssl pkcs12 -export -out TestCert.pfx -inkey TestCert.key -in TestCert.crt
+ openssl pkcs12 -in TestCert.pfx -nodes -out TestCert.pem
+
+* Verify Data Signing & Verification with new X.509 Certificate Chain
+
+1) Sign a Binary File to generate a detached PKCS7 signature:
+
+ openssl smime -sign -binary -signer TestCert.pem -outform DER -md sha256 -certfile TestSub.pub.pem -out test.bin.p7 -in test.bin
+
+2) Verify PKCS7 Signature of a Binary File:
+
+ openssl smime -verify -inform DER -in test.bin.p7 -content test.bin -CAfile TestRoot.pub.pem -out test.org.bin
+
+## Generate DSC PCD include files for Certificate
+
+The `BinToPcd` utility can be used to convert the binary Certificate file to a
+text file can be included from a DSC file to set a PCD to the contents of the
+Certificate file.
+
+The following 2 PCDs can be set to the PKCS7 Certificate value. The first one
+supports a single certificate. The second one supports multiple certificate
+values using the XDR format.
+* `gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer`
+* `gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr`
+
+Generate DSC PCD include files:
+```
+BinToPcd.py -i TestRoot.cer -p gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer -o TestRoot.cer.gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer.inc
+BinToPcd.py -i TestRoot.cer -p gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr -x -o TestRoot.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc
+```
+
+These files can be used in `!include` statements in DSC file PCD sections. For example:
+
+* Platform scoped fixed at build PCD section
+```
+[PcdsFixedAtBuild]
+ !include BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer.inc
+```
+
+* Platform scoped patchable in module PCD section
+```
+[PcdsPatchableInModule]
+ !include BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc
+```
+
+* Module scoped fixed at build PCD section
+```
+[Components]
+ FmpDevicePkg/FmpDxe/FmpDxe.inf {
+ <PcdsFixedAtBuild>
+ !include BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc
+ }
+```
diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestCert.pem b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestCert.pem new file mode 100644 index 000000000..637856752 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestCert.pem @@ -0,0 +1,60 @@ +Bag Attributes
+ localKeyID: 32 25 22 FA 81 B3 BF 25 E2 F7 8F 0B 1B C4 50 70 BB B7 85 96
+subject=/C=CN/ST=SH/O=TianoCore/OU=EDKII/CN=TestCert/emailAddress=edkii@tianocore.org
+issuer=/C=CN/ST=SH/O=TianoCore/OU=EDKII/CN=TestSub/emailAddress=edkii@tianocore.org
+-----BEGIN CERTIFICATE-----
+MIIEKzCCAxOgAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCQ04x
+CzAJBgNVBAgMAlNIMRIwEAYDVQQKDAlUaWFub0NvcmUxDjAMBgNVBAsMBUVES0lJ
+MRAwDgYDVQQDDAdUZXN0U3ViMSIwIAYJKoZIhvcNAQkBFhNlZGtpaUB0aWFub2Nv
+cmUub3JnMB4XDTE3MDQxMDA4MzgwNFoXDTE4MDQxMDA4MzgwNFowdTELMAkGA1UE
+BhMCQ04xCzAJBgNVBAgMAlNIMRIwEAYDVQQKDAlUaWFub0NvcmUxDjAMBgNVBAsM
+BUVES0lJMREwDwYDVQQDDAhUZXN0Q2VydDEiMCAGCSqGSIb3DQEJARYTZWRraWlA
+dGlhbm9jb3JlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPe+
+2NX/Tf0iWMJgYMXMoWOiveX9FGx9YcwH+BKn9ZPZHig6CsZ6B17fwBWek8rIOAOR
+W8FL+UyRhsnKF/oKjMN7awiLjackjq8m0bPFHVl4dJooulHmSPCsRMeG/pWs4DVP
+WiIoF1uvXN6MZ3zt0hofgqPnGjJQF0HLECrPqyBv7sit9fIaNZ/clqcR3ZqdXQRU
+fEk7dE8pg+ZjNNa/5WTGwSBB7Ieku4jGbKybvpj6FtEP/8YyAJC3fOD+Y4PIQCnF
+xzWchOGrFcoeqgf/hLhzoiRvalgnvjczbo3W4sgFwFD/WxoDqb1l1moHyOubw5oT
+CdD+J+QwdFl1kCkG+K8CAwEAAaOBxTCBwjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIB
+AQQEAwIFoDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgQ2xpZW50
+IENlcnRpZmljYXRlMB0GA1UdDgQWBBTACEuCjiL/cFrP+l8hECWctq+Q+TAfBgNV
+HSMEGDAWgBTWnWbWSXz6II1ddWkqQQp6A1ql6zAOBgNVHQ8BAf8EBAMCBeAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQA7
+vYHdpk9u63dpMKAt5MrKU9dxVn/wuqNaYQMucvQLpcE12fgWMhV2wOHlmk3fJxq7
+CnD8QVaRbL3OQYWQQDA+sGNSJ9r71WFFET++94Rny6BzTz+dkrvIS4WaL/vLZ17c
+/gOsMCZUlhodxDcSSkachab3eE/VTEzOMUm41YYeW7USIoNSSgkWSnwZQVgcIg93
+F9X6lIr0Ik6rxHMq2ManiuSh6cMjJMGYGf2/58TySIefrXTe2A3TKQR27OYjfXJO
+l/H7u+4HS9AVCA7b9NihR5iSho5HrWqNC4Mmuz8D8iFOI2nWcek86StDswtoqDtu
+yekXblzF5lQY0goqDiks
+-----END CERTIFICATE-----
+Bag Attributes
+ localKeyID: 32 25 22 FA 81 B3 BF 25 E2 F7 8F 0B 1B C4 50 70 BB B7 85 96
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQD3vtjV/039IljC
+YGDFzKFjor3l/RRsfWHMB/gSp/WT2R4oOgrGegde38AVnpPKyDgDkVvBS/lMkYbJ
+yhf6CozDe2sIi42nJI6vJtGzxR1ZeHSaKLpR5kjwrETHhv6VrOA1T1oiKBdbr1ze
+jGd87dIaH4Kj5xoyUBdByxAqz6sgb+7IrfXyGjWf3JanEd2anV0EVHxJO3RPKYPm
+YzTWv+VkxsEgQeyHpLuIxmysm76Y+hbRD//GMgCQt3zg/mODyEApxcc1nIThqxXK
+HqoH/4S4c6Ikb2pYJ743M26N1uLIBcBQ/1saA6m9ZdZqB8jrm8OaEwnQ/ifkMHRZ
+dZApBvivAgMBAAECggEBAJ8NtLJ27T/1vBxWuepjfL217sroFyOrv4y5FQgNMvnP
+q6/Ry7cvAupjJjP7EhFfR67qtIi92PjSeUG18HzEJykdZFMhHTlQnBZRCtKqWzRk
+xB9wxGXuPafeQW4D+hBn4632GvzQ1mYziKEMbShkmr3QuxO1PDlO+A9yahfCKbBx
+SPCo+McV+N4c8ft/0UPMxqJLcZSMWscrBMCw1OhGdHry4CEr+NWHBeAAUWXrGSlq
+BPwM6PT00fku1RwQrw0QZw0YKL8VH5iA/uD8hfuaO2YUlt2Z025csNRyIPrizr6v
+Q8Is7jetqPpXulWSBtSYoghTj97DeYQQsQwck+tQN6kCgYEA/beFmdojyc9CoLkd
+0MgwyPBdWma77rj80PAgeRm0hl2KQa8pA6dL/1y5x3vA25gqBr++q+KmSkYT6z/Z
+n3llOk6pRlSWFlxuSLHVjOb/Qp1V/uxEG68Tg8L/I3SlMWiQ+/MnsXNHh+WEtKcZ
+FCVd0ASA4NbsKYKflT2QgraDB00CgYEA+fmRrwRlkh2OxVrxpGFER2uosYGlwQiq
+Xb75eU8BnpO8CCnXtBK4Uv3J6l/zfc+Tr2LzzgPkQiWd4NF1/EFxCNQA5kxGcPf5
+F4f8dPr8CrADO1JNrX2ITHsosaaC1ImdW/r6tl66Ie2ueCImk5Yfu5DQv7JrKh/d
+lrTEUxJL2esCgYEA2VKBla9MSGjH4XOvHk7busJotC6be3fo1e9ZYWGrSAyHiIvI
+zeBXMHz0hPJz16UXGoDTideyKJyuIyul9Pu+wZrvU9bQWIcD0DDDgtW6gAzUxG8M
+R8pHJO26LVyUwyWWSrmUnmLoOndWnIck7CS1nqC849o0n7nLh8IcLlq3EWECgYEA
+1HkeLE4na2f2R6fChv8qAy7uJ1rUodwUuzQtZsAR11EpXSL7tpLG27veGXpPQ9vh
+Yw1PwAesx9Cjfklr6OtTAbb5wMaKhVExB6BNpL0E6KytQon1foaaCLASadXnlHIY
+L+uHmOWxfk9BodkdQwsyk8JGvPoRfq+xMH0b9qQxltsCgYEAtNf8yvoTXUHa2zje
+PvI6OiQjuiON5UIt9KkQNrIrcm4wiQ2eVdkCQcUstuXtmBtvnsrxlay0jbSz2bV6
+1sWlJIvfZJujC901yMs5+twr6jMuXZ6ashWF1f2UbwgtKvh49PPgly4RhWST3Kp1
+J1AmCrzTwtaNmTZd1g5IYreXpKw=
+-----END PRIVATE KEY-----
diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestCert.pub.pem b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestCert.pub.pem new file mode 100644 index 000000000..f98462718 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestCert.pub.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE-----
+MIIEKzCCAxOgAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwdDELMAkGA1UEBhMCQ04x
+CzAJBgNVBAgMAlNIMRIwEAYDVQQKDAlUaWFub0NvcmUxDjAMBgNVBAsMBUVES0lJ
+MRAwDgYDVQQDDAdUZXN0U3ViMSIwIAYJKoZIhvcNAQkBFhNlZGtpaUB0aWFub2Nv
+cmUub3JnMB4XDTE3MDQxMDA4MzgwNFoXDTE4MDQxMDA4MzgwNFowdTELMAkGA1UE
+BhMCQ04xCzAJBgNVBAgMAlNIMRIwEAYDVQQKDAlUaWFub0NvcmUxDjAMBgNVBAsM
+BUVES0lJMREwDwYDVQQDDAhUZXN0Q2VydDEiMCAGCSqGSIb3DQEJARYTZWRraWlA
+dGlhbm9jb3JlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPe+
+2NX/Tf0iWMJgYMXMoWOiveX9FGx9YcwH+BKn9ZPZHig6CsZ6B17fwBWek8rIOAOR
+W8FL+UyRhsnKF/oKjMN7awiLjackjq8m0bPFHVl4dJooulHmSPCsRMeG/pWs4DVP
+WiIoF1uvXN6MZ3zt0hofgqPnGjJQF0HLECrPqyBv7sit9fIaNZ/clqcR3ZqdXQRU
+fEk7dE8pg+ZjNNa/5WTGwSBB7Ieku4jGbKybvpj6FtEP/8YyAJC3fOD+Y4PIQCnF
+xzWchOGrFcoeqgf/hLhzoiRvalgnvjczbo3W4sgFwFD/WxoDqb1l1moHyOubw5oT
+CdD+J+QwdFl1kCkG+K8CAwEAAaOBxTCBwjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIB
+AQQEAwIFoDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgQ2xpZW50
+IENlcnRpZmljYXRlMB0GA1UdDgQWBBTACEuCjiL/cFrP+l8hECWctq+Q+TAfBgNV
+HSMEGDAWgBTWnWbWSXz6II1ddWkqQQp6A1ql6zAOBgNVHQ8BAf8EBAMCBeAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQA7
+vYHdpk9u63dpMKAt5MrKU9dxVn/wuqNaYQMucvQLpcE12fgWMhV2wOHlmk3fJxq7
+CnD8QVaRbL3OQYWQQDA+sGNSJ9r71WFFET++94Rny6BzTz+dkrvIS4WaL/vLZ17c
+/gOsMCZUlhodxDcSSkachab3eE/VTEzOMUm41YYeW7USIoNSSgkWSnwZQVgcIg93
+F9X6lIr0Ik6rxHMq2ManiuSh6cMjJMGYGf2/58TySIefrXTe2A3TKQR27OYjfXJO
+l/H7u+4HS9AVCA7b9NihR5iSho5HrWqNC4Mmuz8D8iFOI2nWcek86StDswtoqDtu
+yekXblzF5lQY0goqDiks
+-----END CERTIFICATE-----
diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer Binary files differnew file mode 100644 index 000000000..4c9bf0be5 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer.inc b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer.inc new file mode 100644 index 000000000..907c70dd9 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer.inc @@ -0,0 +1 @@ + gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer|{0x30, 0x82, 0x03, 0xEC, 0x30, 0x82, 0x02, 0xD4, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xC0, 0x91, 0xC5, 0xE2, 0xB7, 0x66, 0xC0, 0xF8, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x82, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x02, 0x53, 0x48, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x02, 0x53, 0x48, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x09, 0x54, 0x69, 0x61, 0x6E, 0x6F, 0x43, 0x6F, 0x72, 0x65, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x05, 0x45, 0x44, 0x4B, 0x49, 0x49, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x22, 0x30, 0x20, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x13, 0x65, 0x64, 0x6B, 0x69, 0x69, 0x40, 0x74, 0x69, 0x61, 0x6E, 0x6F, 0x63, 0x6F, 0x72, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x37, 0x30, 0x34, 0x31, 0x30, 0x30, 0x38, 0x32, 0x37, 0x34, 0x30, 0x5A, 0x17, 0x0D, 0x31, 0x37, 0x30, 0x35, 0x31, 0x30, 0x30, 0x38, 0x32, 0x37, 0x34, 0x30, 0x5A, 0x30, 0x81, 0x82, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x02, 0x53, 0x48, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x02, 0x53, 0x48, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x09, 0x54, 0x69, 0x61, 0x6E, 0x6F, 0x43, 0x6F, 0x72, 0x65, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x05, 0x45, 0x44, 0x4B, 0x49, 0x49, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x22, 0x30, 0x20, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x13, 0x65, 0x64, 0x6B, 0x69, 0x69, 0x40, 0x74, 0x69, 0x61, 0x6E, 0x6F, 0x63, 0x6F, 0x72, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xB9, 0x29, 0x29, 0x6C, 0x60, 0x0C, 0xD7, 0x23, 0xF6, 0x7D, 0xEE, 0xF0, 0x62, 0xFF, 0xD9, 0xC9, 0xAA, 0x55, 0x8C, 0x81, 0x95, 0x56, 0x3F, 0xB7, 0x56, 0x53, 0xB0, 0xC2, 0x82, 0x12, 0xC5, 0x3B, 0x75, 0x23, 0xB9, 0x4D, 0xD6, 0xC4, 0x55, 0x73, 0xF3, 0xAA, 0x95, 0xA8, 0x1B, 0xF3, 0x93, 0x7E, 0x9E, 0x40, 0xE4, 0x1D, 0x22, 0x9C, 0x93, 0x07, 0x0B, 0xD7, 0xAA, 0x5B, 0xD7, 0xE4, 0x1A, 0x21, 0x84, 0xD7, 0x63, 0x59, 0x03, 0x50, 0x1F, 0xF5, 0x14, 0x55, 0x93, 0x91, 0x9B, 0xF5, 0x52, 0xB0, 0xBF, 0x0E, 0x5C, 0x68, 0x3B, 0x59, 0x52, 0x98, 0x96, 0x56, 0xE1, 0xAB, 0xC4, 0x43, 0xBB, 0x05, 0x57, 0x78, 0x45, 0x01, 0x9F, 0x58, 0x15, 0x53, 0x0E, 0x11, 0x94, 0x2F, 0x0E, 0xF1, 0xA6, 0x19, 0xA2, 0x6E, 0x86, 0x39, 0x2B, 0x33, 0x8D, 0xC7, 0xC5, 0xEB, 0xEE, 0x1E, 0x33, 0xD3, 0x32, 0x94, 0xC1, 0x59, 0xC4, 0x0C, 0x97, 0x0B, 0x12, 0x48, 0x5F, 0x33, 0xF6, 0x60, 0x74, 0x7D, 0x57, 0xC2, 0x13, 0x2D, 0x7D, 0xA9, 0x87, 0xA3, 0x35, 0xEA, 0x91, 0x83, 0x3F, 0x67, 0x7A, 0x92, 0x1F, 0x01, 0x53, 0x9F, 0x62, 0x5F, 0x99, 0x12, 0xFD, 0x73, 0x1B, 0x2D, 0x9E, 0x2B, 0x6C, 0x34, 0x49, 0xAF, 0x4F, 0x07, 0x8F, 0xC0, 0xE9, 0x6B, 0x9E, 0x5F, 0x79, 0x35, 0xDA, 0x2A, 0x5C, 0x88, 0xEE, 0xF6, 0x48, 0x61, 0xDA, 0x96, 0xE3, 0x48, 0x46, 0xA0, 0x94, 0x1C, 0x9D, 0xF6, 0x5C, 0x87, 0x0E, 0xEF, 0x74, 0x09, 0x91, 0x0D, 0x3D, 0x5A, 0xE7, 0xC5, 0x4C, 0x8A, 0x7A, 0xAC, 0xA1, 0x85, 0xB6, 0x67, 0x44, 0x17, 0x55, 0x52, 0x3A, 0xE8, 0x11, 0x4D, 0x58, 0xA2, 0x93, 0x00, 0x62, 0xEA, 0x7B, 0x80, 0xED, 0xCF, 0xBD, 0xDF, 0x75, 0x80, 0x4B, 0xB9, 0x65, 0x63, 0xAD, 0x0B, 0x4D, 0x74, 0xFA, 0x59, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x63, 0x30, 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x16, 0xAA, 0xD6, 0x8E, 0x1B, 0x2D, 0x43, 0xF3, 0x2D, 0xB0, 0x24, 0xAD, 0x36, 0x65, 0x3F, 0xB2, 0xFA, 0xB1, 0x2C, 0xED, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x16, 0xAA, 0xD6, 0x8E, 0x1B, 0x2D, 0x43, 0xF3, 0x2D, 0xB0, 0x24, 0xAD, 0x36, 0x65, 0x3F, 0xB2, 0xFA, 0xB1, 0x2C, 0xED, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x95, 0xDE, 0xDF, 0xA4, 0x14, 0xDB, 0x92, 0x22, 0x78, 0x1A, 0xBD, 0x31, 0x9D, 0x1E, 0xD7, 0x2F, 0x0A, 0x10, 0x11, 0x5D, 0x74, 0x61, 0xE8, 0x30, 0xC4, 0xF3, 0x15, 0xE9, 0x30, 0x54, 0xF4, 0xBB, 0x0C, 0x04, 0x78, 0x13, 0x5D, 0x2C, 0xDD, 0x8C, 0x92, 0x90, 0xD1, 0x9C, 0xD0, 0xD0, 0x18, 0xA3, 0xA3, 0xFC, 0x8C, 0x28, 0x5A, 0xD4, 0x91, 0x4D, 0x08, 0xC3, 0xF6, 0x1A, 0xC8, 0xDD, 0xA6, 0x08, 0x58, 0xE2, 0x15, 0x95, 0xFB, 0x2D, 0x2D, 0x8A, 0xB1, 0x30, 0x80, 0xBD, 0x9A, 0xB6, 0xE1, 0x2C, 0x20, 0x3E, 0xDD, 0xC4, 0xC7, 0x55, 0x65, 0xCF, 0x28, 0x17, 0xF4, 0xEE, 0xDA, 0xBE, 0x77, 0x70, 0xD5, 0x52, 0xD6, 0x15, 0x7A, 0xFB, 0xAD, 0xAF, 0xFD, 0xD5, 0x45, 0x90, 0x5A, 0xE6, 0x31, 0x42, 0xD7, 0x84, 0xB3, 0x49, 0x56, 0x6A, 0xD3, 0x47, 0xF3, 0xBF, 0x68, 0x60, 0x8B, 0x0F, 0xE2, 0xAF, 0xF4, 0xE3, 0xEC, 0x12, 0xB9, 0xE2, 0x3A, 0x16, 0x11, 0x4E, 0x4D, 0x73, 0x79, 0xAF, 0x47, 0x85, 0x4C, 0x76, 0x26, 0x9E, 0x8B, 0x32, 0xC0, 0x8E, 0xC2, 0xDC, 0x27, 0xA6, 0xEF, 0xAC, 0x93, 0x9E, 0xA1, 0x5E, 0xCF, 0x34, 0x45, 0xE0, 0x2A, 0xC7, 0x9D, 0x4D, 0xD7, 0xD7, 0x37, 0x72, 0x97, 0xF8, 0x58, 0xF9, 0xB6, 0x35, 0x48, 0xF1, 0xD1, 0x0A, 0x72, 0x7F, 0xFD, 0x4D, 0x7C, 0xE9, 0xCC, 0xD8, 0x48, 0x1B, 0x49, 0x52, 0x53, 0xDE, 0x51, 0x01, 0x53, 0x35, 0xBC, 0x90, 0xCD, 0x8C, 0x8A, 0xCC, 0x43, 0x20, 0xA7, 0x45, 0xFF, 0x2B, 0x55, 0xB0, 0x8B, 0x2D, 0xFF, 0x55, 0x15, 0x4B, 0x84, 0xD0, 0xC3, 0xD3, 0x90, 0x9C, 0x94, 0x4B, 0x55, 0xD5, 0x62, 0xEA, 0x22, 0xAB, 0x62, 0x68, 0xDD, 0x53, 0xC6, 0xDC, 0xA5, 0xDD, 0x9A, 0x2D, 0x8E, 0x79, 0x7C, 0x2E, 0x9C, 0xE4, 0x66, 0x80, 0x8C, 0x1D}
\ No newline at end of file diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc new file mode 100644 index 000000000..69f7341d6 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.cer.gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr.inc @@ -0,0 +1 @@ + gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr|{0x00, 0x00, 0x03, 0xF0, 0x30, 0x82, 0x03, 0xEC, 0x30, 0x82, 0x02, 0xD4, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xC0, 0x91, 0xC5, 0xE2, 0xB7, 0x66, 0xC0, 0xF8, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x81, 0x82, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x02, 0x53, 0x48, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x02, 0x53, 0x48, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x09, 0x54, 0x69, 0x61, 0x6E, 0x6F, 0x43, 0x6F, 0x72, 0x65, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x05, 0x45, 0x44, 0x4B, 0x49, 0x49, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x22, 0x30, 0x20, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x13, 0x65, 0x64, 0x6B, 0x69, 0x69, 0x40, 0x74, 0x69, 0x61, 0x6E, 0x6F, 0x63, 0x6F, 0x72, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x37, 0x30, 0x34, 0x31, 0x30, 0x30, 0x38, 0x32, 0x37, 0x34, 0x30, 0x5A, 0x17, 0x0D, 0x31, 0x37, 0x30, 0x35, 0x31, 0x30, 0x30, 0x38, 0x32, 0x37, 0x34, 0x30, 0x5A, 0x30, 0x81, 0x82, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x43, 0x4E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x02, 0x53, 0x48, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x02, 0x53, 0x48, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x09, 0x54, 0x69, 0x61, 0x6E, 0x6F, 0x43, 0x6F, 0x72, 0x65, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x05, 0x45, 0x44, 0x4B, 0x49, 0x49, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x22, 0x30, 0x20, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x13, 0x65, 0x64, 0x6B, 0x69, 0x69, 0x40, 0x74, 0x69, 0x61, 0x6E, 0x6F, 0x63, 0x6F, 0x72, 0x65, 0x2E, 0x6F, 0x72, 0x67, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xB9, 0x29, 0x29, 0x6C, 0x60, 0x0C, 0xD7, 0x23, 0xF6, 0x7D, 0xEE, 0xF0, 0x62, 0xFF, 0xD9, 0xC9, 0xAA, 0x55, 0x8C, 0x81, 0x95, 0x56, 0x3F, 0xB7, 0x56, 0x53, 0xB0, 0xC2, 0x82, 0x12, 0xC5, 0x3B, 0x75, 0x23, 0xB9, 0x4D, 0xD6, 0xC4, 0x55, 0x73, 0xF3, 0xAA, 0x95, 0xA8, 0x1B, 0xF3, 0x93, 0x7E, 0x9E, 0x40, 0xE4, 0x1D, 0x22, 0x9C, 0x93, 0x07, 0x0B, 0xD7, 0xAA, 0x5B, 0xD7, 0xE4, 0x1A, 0x21, 0x84, 0xD7, 0x63, 0x59, 0x03, 0x50, 0x1F, 0xF5, 0x14, 0x55, 0x93, 0x91, 0x9B, 0xF5, 0x52, 0xB0, 0xBF, 0x0E, 0x5C, 0x68, 0x3B, 0x59, 0x52, 0x98, 0x96, 0x56, 0xE1, 0xAB, 0xC4, 0x43, 0xBB, 0x05, 0x57, 0x78, 0x45, 0x01, 0x9F, 0x58, 0x15, 0x53, 0x0E, 0x11, 0x94, 0x2F, 0x0E, 0xF1, 0xA6, 0x19, 0xA2, 0x6E, 0x86, 0x39, 0x2B, 0x33, 0x8D, 0xC7, 0xC5, 0xEB, 0xEE, 0x1E, 0x33, 0xD3, 0x32, 0x94, 0xC1, 0x59, 0xC4, 0x0C, 0x97, 0x0B, 0x12, 0x48, 0x5F, 0x33, 0xF6, 0x60, 0x74, 0x7D, 0x57, 0xC2, 0x13, 0x2D, 0x7D, 0xA9, 0x87, 0xA3, 0x35, 0xEA, 0x91, 0x83, 0x3F, 0x67, 0x7A, 0x92, 0x1F, 0x01, 0x53, 0x9F, 0x62, 0x5F, 0x99, 0x12, 0xFD, 0x73, 0x1B, 0x2D, 0x9E, 0x2B, 0x6C, 0x34, 0x49, 0xAF, 0x4F, 0x07, 0x8F, 0xC0, 0xE9, 0x6B, 0x9E, 0x5F, 0x79, 0x35, 0xDA, 0x2A, 0x5C, 0x88, 0xEE, 0xF6, 0x48, 0x61, 0xDA, 0x96, 0xE3, 0x48, 0x46, 0xA0, 0x94, 0x1C, 0x9D, 0xF6, 0x5C, 0x87, 0x0E, 0xEF, 0x74, 0x09, 0x91, 0x0D, 0x3D, 0x5A, 0xE7, 0xC5, 0x4C, 0x8A, 0x7A, 0xAC, 0xA1, 0x85, 0xB6, 0x67, 0x44, 0x17, 0x55, 0x52, 0x3A, 0xE8, 0x11, 0x4D, 0x58, 0xA2, 0x93, 0x00, 0x62, 0xEA, 0x7B, 0x80, 0xED, 0xCF, 0xBD, 0xDF, 0x75, 0x80, 0x4B, 0xB9, 0x65, 0x63, 0xAD, 0x0B, 0x4D, 0x74, 0xFA, 0x59, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x63, 0x30, 0x61, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x16, 0xAA, 0xD6, 0x8E, 0x1B, 0x2D, 0x43, 0xF3, 0x2D, 0xB0, 0x24, 0xAD, 0x36, 0x65, 0x3F, 0xB2, 0xFA, 0xB1, 0x2C, 0xED, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x16, 0xAA, 0xD6, 0x8E, 0x1B, 0x2D, 0x43, 0xF3, 0x2D, 0xB0, 0x24, 0xAD, 0x36, 0x65, 0x3F, 0xB2, 0xFA, 0xB1, 0x2C, 0xED, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01, 0xFF, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x95, 0xDE, 0xDF, 0xA4, 0x14, 0xDB, 0x92, 0x22, 0x78, 0x1A, 0xBD, 0x31, 0x9D, 0x1E, 0xD7, 0x2F, 0x0A, 0x10, 0x11, 0x5D, 0x74, 0x61, 0xE8, 0x30, 0xC4, 0xF3, 0x15, 0xE9, 0x30, 0x54, 0xF4, 0xBB, 0x0C, 0x04, 0x78, 0x13, 0x5D, 0x2C, 0xDD, 0x8C, 0x92, 0x90, 0xD1, 0x9C, 0xD0, 0xD0, 0x18, 0xA3, 0xA3, 0xFC, 0x8C, 0x28, 0x5A, 0xD4, 0x91, 0x4D, 0x08, 0xC3, 0xF6, 0x1A, 0xC8, 0xDD, 0xA6, 0x08, 0x58, 0xE2, 0x15, 0x95, 0xFB, 0x2D, 0x2D, 0x8A, 0xB1, 0x30, 0x80, 0xBD, 0x9A, 0xB6, 0xE1, 0x2C, 0x20, 0x3E, 0xDD, 0xC4, 0xC7, 0x55, 0x65, 0xCF, 0x28, 0x17, 0xF4, 0xEE, 0xDA, 0xBE, 0x77, 0x70, 0xD5, 0x52, 0xD6, 0x15, 0x7A, 0xFB, 0xAD, 0xAF, 0xFD, 0xD5, 0x45, 0x90, 0x5A, 0xE6, 0x31, 0x42, 0xD7, 0x84, 0xB3, 0x49, 0x56, 0x6A, 0xD3, 0x47, 0xF3, 0xBF, 0x68, 0x60, 0x8B, 0x0F, 0xE2, 0xAF, 0xF4, 0xE3, 0xEC, 0x12, 0xB9, 0xE2, 0x3A, 0x16, 0x11, 0x4E, 0x4D, 0x73, 0x79, 0xAF, 0x47, 0x85, 0x4C, 0x76, 0x26, 0x9E, 0x8B, 0x32, 0xC0, 0x8E, 0xC2, 0xDC, 0x27, 0xA6, 0xEF, 0xAC, 0x93, 0x9E, 0xA1, 0x5E, 0xCF, 0x34, 0x45, 0xE0, 0x2A, 0xC7, 0x9D, 0x4D, 0xD7, 0xD7, 0x37, 0x72, 0x97, 0xF8, 0x58, 0xF9, 0xB6, 0x35, 0x48, 0xF1, 0xD1, 0x0A, 0x72, 0x7F, 0xFD, 0x4D, 0x7C, 0xE9, 0xCC, 0xD8, 0x48, 0x1B, 0x49, 0x52, 0x53, 0xDE, 0x51, 0x01, 0x53, 0x35, 0xBC, 0x90, 0xCD, 0x8C, 0x8A, 0xCC, 0x43, 0x20, 0xA7, 0x45, 0xFF, 0x2B, 0x55, 0xB0, 0x8B, 0x2D, 0xFF, 0x55, 0x15, 0x4B, 0x84, 0xD0, 0xC3, 0xD3, 0x90, 0x9C, 0x94, 0x4B, 0x55, 0xD5, 0x62, 0xEA, 0x22, 0xAB, 0x62, 0x68, 0xDD, 0x53, 0xC6, 0xDC, 0xA5, 0xDD, 0x9A, 0x2D, 0x8E, 0x79, 0x7C, 0x2E, 0x9C, 0xE4, 0x66, 0x80, 0x8C, 0x1D}
\ No newline at end of file diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.pem b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.pem new file mode 100644 index 000000000..1331933c3 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.pem @@ -0,0 +1,58 @@ +Bag Attributes
+ localKeyID: F4 2E C8 1D 29 A0 02 47 B7 93 2B 69 8D 8D D1 33 7A E3 09 30
+subject=/C=CN/ST=SH/L=SH/O=TianoCore/OU=EDKII/CN=TestRoot/emailAddress=edkii@tianocore.org
+issuer=/C=CN/ST=SH/L=SH/O=TianoCore/OU=EDKII/CN=TestRoot/emailAddress=edkii@tianocore.org
+-----BEGIN CERTIFICATE-----
+MIID7DCCAtSgAwIBAgIJAMCRxeK3ZsD4MA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
+VQQGEwJDTjELMAkGA1UECAwCU0gxCzAJBgNVBAcMAlNIMRIwEAYDVQQKDAlUaWFu
+b0NvcmUxDjAMBgNVBAsMBUVES0lJMREwDwYDVQQDDAhUZXN0Um9vdDEiMCAGCSqG
+SIb3DQEJARYTZWRraWlAdGlhbm9jb3JlLm9yZzAeFw0xNzA0MTAwODI3NDBaFw0x
+NzA1MTAwODI3NDBaMIGCMQswCQYDVQQGEwJDTjELMAkGA1UECAwCU0gxCzAJBgNV
+BAcMAlNIMRIwEAYDVQQKDAlUaWFub0NvcmUxDjAMBgNVBAsMBUVES0lJMREwDwYD
+VQQDDAhUZXN0Um9vdDEiMCAGCSqGSIb3DQEJARYTZWRraWlAdGlhbm9jb3JlLm9y
+ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkpKWxgDNcj9n3u8GL/
+2cmqVYyBlVY/t1ZTsMKCEsU7dSO5TdbEVXPzqpWoG/OTfp5A5B0inJMHC9eqW9fk
+GiGE12NZA1Af9RRVk5Gb9VKwvw5caDtZUpiWVuGrxEO7BVd4RQGfWBVTDhGULw7x
+phmiboY5KzONx8Xr7h4z0zKUwVnEDJcLEkhfM/ZgdH1XwhMtfamHozXqkYM/Z3qS
+HwFTn2JfmRL9cxstnitsNEmvTwePwOlrnl95NdoqXIju9khh2pbjSEaglByd9lyH
+Du90CZENPVrnxUyKeqyhhbZnRBdVUjroEU1YopMAYup7gO3Pvd91gEu5ZWOtC010
++lkCAwEAAaNjMGEwHQYDVR0OBBYEFBaq1o4bLUPzLbAkrTZlP7L6sSztMB8GA1Ud
+IwQYMBaAFBaq1o4bLUPzLbAkrTZlP7L6sSztMA8GA1UdEwEB/wQFMAMBAf8wDgYD
+VR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQCV3t+kFNuSIngavTGdHtcv
+ChARXXRh6DDE8xXpMFT0uwwEeBNdLN2MkpDRnNDQGKOj/IwoWtSRTQjD9hrI3aYI
+WOIVlfstLYqxMIC9mrbhLCA+3cTHVWXPKBf07tq+d3DVUtYVevutr/3VRZBa5jFC
+14SzSVZq00fzv2hgiw/ir/Tj7BK54joWEU5Nc3mvR4VMdiaeizLAjsLcJ6bvrJOe
+oV7PNEXgKsedTdfXN3KX+Fj5tjVI8dEKcn/9TXzpzNhIG0lSU95RAVM1vJDNjIrM
+QyCnRf8rVbCLLf9VFUuE0MPTkJyUS1XVYuoiq2Jo3VPG3KXdmi2OeXwunORmgIwd
+-----END CERTIFICATE-----
+Bag Attributes
+ localKeyID: F4 2E C8 1D 29 A0 02 47 B7 93 2B 69 8D 8D D1 33 7A E3 09 30
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5KSlsYAzXI/Z9
+7vBi/9nJqlWMgZVWP7dWU7DCghLFO3UjuU3WxFVz86qVqBvzk36eQOQdIpyTBwvX
+qlvX5BohhNdjWQNQH/UUVZORm/VSsL8OXGg7WVKYllbhq8RDuwVXeEUBn1gVUw4R
+lC8O8aYZom6GOSszjcfF6+4eM9MylMFZxAyXCxJIXzP2YHR9V8ITLX2ph6M16pGD
+P2d6kh8BU59iX5kS/XMbLZ4rbDRJr08Hj8Dpa55feTXaKlyI7vZIYdqW40hGoJQc
+nfZchw7vdAmRDT1a58VMinqsoYW2Z0QXVVI66BFNWKKTAGLqe4Dtz73fdYBLuWVj
+rQtNdPpZAgMBAAECggEAci5d6wT4Jht5P4N/Ha2kweWWR8UJMFyuVD/bura3mITn
+4ZW92HjOMWjLgupeAkCsTi65/PWBFHG97cqSRHnXW2At6ofTsS9j1JxJGfvQtqNj
+zhlR9XdJperfvN5Nc277BkuWUj/O86d5/4Ef29lMknZGLeNHLs15qiWpe1p+HKvt
++DfL7Prl5qWA5G90QmXgRQJbThl1TYLCYkETB+9m3MIRm8Z01XKH+fm4ahgclEkG
+XaQl04DhMEo7A/sC8NUnozOMEf81Ixkt3wEpoEDtZ+WhRTrgLF23Q4sXAIBMlEfz
+Pz2UaX/9KBT1dRbZseStIjJKMc8qd+pC7Ww2tuHEOQKBgQDmLdFSgHc2URQW/Otj
+fr9S/Z7EPSOA/tmh4dFhQGwzKF4Us838deRz2cRTbgq5BHuBCrMEPRBiX8h4WLEB
+NVZ73JjgOfyshcDXWNg5noc9f24HYHMZnjcFmHNokpyIgxLl2qgN8f03doJEmKkj
+pm/VnfZmkGDd65IXRp8MYMTQOwKBgQDN7ofqKWK5SA+vt+tDOkCYq6eHKb9+ImPh
+PreikT5xc9SMtb0tGlIjKydsiqA9Jv1WRnpUG0fVfMyagBSOrKt9wC143VEvOtkR
+QJehmLLYG97HP7CXtniAWeKuc2pfCd+nGdHLFmduuTEEDcxab5LQc5dvYQ/RfznF
+YVunt73qewKBgQCg11VUpCYpU2CJa7SEMtY4hLbDg8FiazLiVqx7m4u/964+IyKG
+Dk9T0NDKR7PAc2xl0HclOBJR24J27erJ4F6NcKl2za5NU61cDV4SbT8tbvUQvInR
+Veg2xb+nTAOLtKOo8DDMhdMeRXZjvpU6LxwolhfOtYaqq+jK0PNkr933bwKBgA0G
+RiBgR7cyQJO7jSyuVYGSccERuePPZwPLBLBKgWmJiurvX6ynmoRQ6WhrCCF2AtXf
+FUOWih+Nih9HdIVllF8atYWMceML1MjLjguRbdZPRPLTK2cdClgL11NzR0oFhNi7
+wFIY86fEHL6F5OPfZKi8dtp7iBWW919tfe+IpoFbAoGBAMzNKKBHG5eMuKQI/Dww
+50PDHu25TGUiTc1bHx18v7mGlcvhEPkDYAKd3y7FN5VRoooarGYlLDHXez0FvDTa
+ABFUUad70bULTqRTSmld0I9CWWnYs0vaFKgIemddQ7W2eXr7N+N+ED+OK/PvWjMq
+LMKhChf252RfOYdB+WN6alVG
+-----END PRIVATE KEY-----
diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.pub.pem b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.pub.pem new file mode 100644 index 000000000..ae67e9c1b --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestRoot.pub.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE-----
+MIID7DCCAtSgAwIBAgIJAMCRxeK3ZsD4MA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
+VQQGEwJDTjELMAkGA1UECAwCU0gxCzAJBgNVBAcMAlNIMRIwEAYDVQQKDAlUaWFu
+b0NvcmUxDjAMBgNVBAsMBUVES0lJMREwDwYDVQQDDAhUZXN0Um9vdDEiMCAGCSqG
+SIb3DQEJARYTZWRraWlAdGlhbm9jb3JlLm9yZzAeFw0xNzA0MTAwODI3NDBaFw0x
+NzA1MTAwODI3NDBaMIGCMQswCQYDVQQGEwJDTjELMAkGA1UECAwCU0gxCzAJBgNV
+BAcMAlNIMRIwEAYDVQQKDAlUaWFub0NvcmUxDjAMBgNVBAsMBUVES0lJMREwDwYD
+VQQDDAhUZXN0Um9vdDEiMCAGCSqGSIb3DQEJARYTZWRraWlAdGlhbm9jb3JlLm9y
+ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkpKWxgDNcj9n3u8GL/
+2cmqVYyBlVY/t1ZTsMKCEsU7dSO5TdbEVXPzqpWoG/OTfp5A5B0inJMHC9eqW9fk
+GiGE12NZA1Af9RRVk5Gb9VKwvw5caDtZUpiWVuGrxEO7BVd4RQGfWBVTDhGULw7x
+phmiboY5KzONx8Xr7h4z0zKUwVnEDJcLEkhfM/ZgdH1XwhMtfamHozXqkYM/Z3qS
+HwFTn2JfmRL9cxstnitsNEmvTwePwOlrnl95NdoqXIju9khh2pbjSEaglByd9lyH
+Du90CZENPVrnxUyKeqyhhbZnRBdVUjroEU1YopMAYup7gO3Pvd91gEu5ZWOtC010
++lkCAwEAAaNjMGEwHQYDVR0OBBYEFBaq1o4bLUPzLbAkrTZlP7L6sSztMB8GA1Ud
+IwQYMBaAFBaq1o4bLUPzLbAkrTZlP7L6sSztMA8GA1UdEwEB/wQFMAMBAf8wDgYD
+VR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQCV3t+kFNuSIngavTGdHtcv
+ChARXXRh6DDE8xXpMFT0uwwEeBNdLN2MkpDRnNDQGKOj/IwoWtSRTQjD9hrI3aYI
+WOIVlfstLYqxMIC9mrbhLCA+3cTHVWXPKBf07tq+d3DVUtYVevutr/3VRZBa5jFC
+14SzSVZq00fzv2hgiw/ir/Tj7BK54joWEU5Nc3mvR4VMdiaeizLAjsLcJ6bvrJOe
+oV7PNEXgKsedTdfXN3KX+Fj5tjVI8dEKcn/9TXzpzNhIG0lSU95RAVM1vJDNjIrM
+QyCnRf8rVbCLLf9VFUuE0MPTkJyUS1XVYuoiq2Jo3VPG3KXdmi2OeXwunORmgIwd
+-----END CERTIFICATE-----
diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestSub.pem b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestSub.pem new file mode 100644 index 000000000..de988856e --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestSub.pem @@ -0,0 +1,59 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4098 (0x1002) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = CN, ST = SH, L = SH, O = TianoCore, OU = EDKII, CN = TestRoot, emailAddress = edkii@tianocore.org + Validity + Not Before: Apr 10 08:33:45 2017 GMT + Not After : Apr 10 08:33:45 2018 GMT + Subject: C = CN, ST = SH, O = TianoCore, OU = EDKII, CN = TestSub, emailAddress = edkii@tianocore.org + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:c5:3a:af:16:34:9a:14:61:74:8c:39:1a:04:1f: + 7b:95:d3:40:b7:ea:26:a7:7b:8d:76:d3:86:1b:7c: + 07:17:d2:56:72:36:13:b4:6c:75:b7:bf:d1:35:d1: + 31:d5:9a:07:c1:62:4e:aa:3d:bd:d8:40:8b:48:9a: + c5:46:c4:c3:10:2c:d4:82:d9:6d:f4:c3:de:85:fa: + 34:1d:d1:74:7a:5f:16:34:59:2b:2b:03:61:46:62: + d7:88:62:59:4d:d8:55:00:52:54:e1:15:5e:a9:ec: + d6:e8:51:fd:ef:8e:68:5f:d2:40:d2:61:ef:2c:1d: + 5b:a7:6e:14:4c:12:bc:60:81:8e:66:c9:84:51:c2: + 89:51:fc:e5:7f:86:9a:78:a4:c1:f7:0f:a9:a5:97: + 60:dd:6f:c8:a0:fd:ea:07:2f:01:36:0a:e8:bd:0e: + dc:48:2e:85:22:7b:bb:db:68:78:eb:cd:6a:54:07: + f7:81:a5:52:8f:f3:5c:09:1e:76:a3:d1:91:8f:ee: + 86:2c:85:49:99:96:4f:5f:5b:0d:08:ae:d8:20:e8: + e3:67:70:c6:ec:0e:0e:bd:bf:3c:f6:db:e4:45:d5: + 7a:bb:9f:d1:3b:18:89:fc:63:ac:c2:30:b8:fa:bb: + 8a:24:63:4e:79:58:78:72:ab:27:36:3d:bb:4f:47: + d6:ef + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + D6:9D:66:D6:49:7C:FA:20:8D:5D:75:69:2A:41:0A:7A:03:5A:A5:EB + X509v3 Authority Key Identifier: + keyid:16:AA:D6:8E:1B:2D:43:F3:2D:B0:24:AD:36:65:3F:B2:FA:B1:2C:ED + + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + Signature Algorithm: sha256WithRSAEncryption + 83:3c:ae:b2:fc:99:3d:33:b3:da:ca:26:83:8c:a9:ae:f8:bb: + ad:05:37:97:a5:f8:0d:2b:4e:3e:e5:b7:12:68:f8:64:d4:bd: + ff:65:7d:57:98:61:cd:47:10:a5:6a:bd:66:89:74:ce:5e:28: + 29:39:67:c9:1f:54:ec:78:76:b1:dd:04:91:63:b6:8c:2f:86: + 59:1f:c4:2b:a1:4a:8c:a8:5b:f6:8a:92:f0:83:bb:92:92:5c: + b1:1c:18:95:3d:d6:be:6d:79:9d:4f:7b:92:1f:68:f5:1f:cd: + f4:37:2d:1e:e3:f6:eb:f2:8a:a4:8d:a1:c5:db:0c:3a:59:01: + dc:be:a9:c1:0b:04:ba:e8:02:a9:85:cd:d7:48:0d:f6:60:30: + 2b:05:ba:e0:c7:d8:9f:23:14:37:04:0a:a7:bc:b6:c8:25:31: + e4:9a:41:a5:83:c2:ee:89:d3:fa:a5:7c:ae:a6:14:22:a4:5f: + 73:03:f2:7b:3c:51:f7:76:2a:0a:cf:ee:71:35:1c:bc:ff:3f: + 9b:d5:b1:33:e0:b6:fc:2a:c8:ab:84:89:cd:fa:1c:ee:12:8c: + 07:ba:93:46:50:b3:3f:73:05:be:67:58:60:90:05:2c:d3:b6: + 19:7c:a4:f0:6e:ee:d4:f2:0e:f5:02:79:5f:2c:28:83:1e:83: + c6:92:ba:7c diff --git a/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestSub.pub.pem b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestSub.pub.pem new file mode 100644 index 000000000..04402ea98 --- /dev/null +++ b/roms/edk2/BaseTools/Source/Python/Pkcs7Sign/TestSub.pub.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE-----
+MIID1jCCAr6gAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAkNO
+MQswCQYDVQQIDAJTSDELMAkGA1UEBwwCU0gxEjAQBgNVBAoMCVRpYW5vQ29yZTEO
+MAwGA1UECwwFRURLSUkxETAPBgNVBAMMCFRlc3RSb290MSIwIAYJKoZIhvcNAQkB
+FhNlZGtpaUB0aWFub2NvcmUub3JnMB4XDTE3MDQxMDA4MzM0NVoXDTE4MDQxMDA4
+MzM0NVowdDELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAlNIMRIwEAYDVQQKDAlUaWFu
+b0NvcmUxDjAMBgNVBAsMBUVES0lJMRAwDgYDVQQDDAdUZXN0U3ViMSIwIAYJKoZI
+hvcNAQkBFhNlZGtpaUB0aWFub2NvcmUub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAxTqvFjSaFGF0jDkaBB97ldNAt+omp3uNdtOGG3wHF9JWcjYT
+tGx1t7/RNdEx1ZoHwWJOqj292ECLSJrFRsTDECzUgtlt9MPehfo0HdF0el8WNFkr
+KwNhRmLXiGJZTdhVAFJU4RVeqezW6FH9745oX9JA0mHvLB1bp24UTBK8YIGOZsmE
+UcKJUfzlf4aaeKTB9w+ppZdg3W/IoP3qBy8BNgrovQ7cSC6FInu722h4681qVAf3
+gaVSj/NcCR52o9GRj+6GLIVJmZZPX1sNCK7YIOjjZ3DG7A4Ovb889tvkRdV6u5/R
+OxiJ/GOswjC4+ruKJGNOeVh4cqsnNj27T0fW7wIDAQABo2MwYTAdBgNVHQ4EFgQU
+1p1m1kl8+iCNXXVpKkEKegNapeswHwYDVR0jBBgwFoAUFqrWjhstQ/MtsCStNmU/
+svqxLO0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcN
+AQELBQADggEBAIM8rrL8mT0zs9rKJoOMqa74u60FN5el+A0rTj7ltxJo+GTUvf9l
+fVeYYc1HEKVqvWaJdM5eKCk5Z8kfVOx4drHdBJFjtowvhlkfxCuhSoyoW/aKkvCD
+u5KSXLEcGJU91r5teZ1Pe5IfaPUfzfQ3LR7j9uvyiqSNocXbDDpZAdy+qcELBLro
+AqmFzddIDfZgMCsFuuDH2J8jFDcECqe8tsglMeSaQaWDwu6J0/qlfK6mFCKkX3MD
+8ns8Ufd2KgrP7nE1HLz/P5vVsTPgtvwqyKuEic36HO4SjAe6k0ZQsz9zBb5nWGCQ
+BSzTthl8pPBu7tTyDvUCeV8sKIMeg8aSunw=
+-----END CERTIFICATE-----
|