summaryrefslogtreecommitdiffstats
path: root/BaseTools/Source/Python/Pkcs7Sign/TestSub.pem
Commit message (Collapse)AuthorAgeFilesLines
* BaseTools/Pkcs7Sign: Update the test certificates & Readme.mdLong Qin2017-04-121-57/+59
| | | | | | | | | | | | | | | | | | | | The old TestRoot certificate used for Pkcs7Sign is not compliant to Root CA certificate requirement with incorrect basic constraints and key usage setting. When OpenSSL in CryptoPkg was updated from 1.0.2xx to the latest 1.1.0xx, the CA certificate checking was enforced for more extension validations, which will raise the verification failure when stilling using the old sample certificates. This patch re-generated one set of test certificates used in Pkcs7Sign demo, and updated the corresponding Readme.md to describe how to set the options in openssl configuration file. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Long Qin <qin.long@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* BaseTools: Add the PKCS7 toolYonghong Zhu2016-08-191-0/+57
Provide the PKCS7 Tool to support the CertType - EFI_CERT_TYPE_PKCS7_GUID, then user can use this tool to add EFI_FIRMWARE_IMAGE_AUTHENTICATION for a binary. Cc: Liming Gao <liming.gao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-17 14:11:44 +0000