Re: [edk2] [edk2-test][v3 Patch 2/3] uefi-sct/SctPkg:Add VerifySignature() Func Test

[Supreeth Venkatesh]

On Wed, 2018-12-05 at 13:51 +0800, Eric Jin wrote:
> Enable the BBTestVerifySignatureFunctionTest()
> with 2 checkpoints below, it should be success.
> The Certificate/Hash/Digest/signedData are updated
> correspondingly.
> a)Signed hash was verified against caller-provided
> hash of content, the signer's certificate was not
> found in RevokedDb, and was found in AllowedDb.
> b)Signer is found in both AllowedDb and RevokedDb,
> the signing was allowed by reference to TimeStampDb,
> and no hash matching content hash was found in RevokedDb.
> 
> Cc: Supreeth Venkatesh 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Eric Jin 
Acked-by: Supreeth Venkatesh 

> ---
>  .../EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c   |2 +
>  .../EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h   |8 +
>  .../PKCS7Verify/BlackBoxTest/Pkcs7BBTestData.c | 1466
> +---
>  .../PKCS7Verify/BlackBoxTest/Pkcs7BBTestFunction.c |   86 ++
>  .../PKCS7Verify/BlackBoxTest/Pkcs7BBTestMain.c |   57 +-
>  .../PKCS7Verify/BlackBoxTest/Pkcs7BBTestMain.h |   25 +-
>  6 files changed, 1099 insertions(+), 545 deletions(-)
> 
> diff --git a/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c
> b/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c
> index 142f6d4..4d433c3 100644
> --- a/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c
> +++ b/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c
> @@ -42,3 +42,5 @@ EFI_GUID gPkcs7BBTestFunctionAssertionGuid001 =
> EFI_TEST_PKCS7BBTESTFUNCTION_ASS
>  EFI_GUID gPkcs7BBTestFunctionAssertionGuid002 =
> EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_002_GUID;
>  EFI_GUID gPkcs7BBTestFunctionAssertionGuid003 =
> EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_003_GUID;
>  EFI_GUID gPkcs7BBTestFunctionAssertionGuid004 =
> EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_004_GUID;
> +EFI_GUID gPkcs7BBTestFunctionAssertionGuid005 =
> EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_005_GUID;
> +EFI_GUID gPkcs7BBTestFunctionAssertionGuid006 =
> EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_006_GUID;
> diff --git a/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h
> b/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h
> index ce980c9..94d2568 100644
> --- a/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h
> +++ b/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h
> @@ -81,3 +81,11 @@ extern EFI_GUID
> gPkcs7BBTestFunctionAssertionGuid003;
>  #define EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_004_GUID \
>  { 0x912e23ef, 0x299c, 0x41ab, {0xa0, 0xf5, 0xfc, 0xbc, 0xf6, 0xfd,
> 0xd3, 0x32 }}
>  extern EFI_GUID gPkcs7BBTestFunctionAssertionGuid004;
> +
> +#define EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_005_GUID \
> +{ 0x93740b06, 0xa186, 0x47ff, { 0xba, 0xc3, 0xdd, 0xa8, 0xcb, 0x7b,
> 0x18, 0x5e }}
> +extern EFI_GUID gPkcs7BBTestFunctionAssertionGuid005;
> +
> +#define EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_006_GUID \
> +{ 0x37253616, 0xca42, 0x4082, { 0x90, 0xda, 0xdb, 0x69, 0x98, 0x22,
> 0xa0, 0xe6 }}
> +extern EFI_GUID gPkcs7BBTestFunctionAssertionGuid006;
> diff --git a/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Pkcs7B
> BTestData.c b/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Pkcs7B
> BTestData.c
> index 0511e00..9b66938 100644
> --- a/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Pkcs7B
> BTestData.c
> +++ b/uefi-
> sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Pkcs7B
> BTestData.c
> @@ -25,541 +25,979 @@ Abstract:
>  --*/
>  
>  //
> +// Test Root Certificate ("TestRoot.cer")
> +//
> +GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TestRootCert[781] = {
> +  0x30, 0x82, 0x03, 0x09, 0x30, 0x82, 0x01, 0xF1, 0xA0, 0x03, 0x02,
> 0x01,
> +  0x02, 0x02, 0x10, 0xDE, 0x9F, 0x42, 0x91, 0x68, 0x16, 0xEA, 0x97,
> 0x4D,
> +  0xA1, 0x8A, 0x32, 0x25, 0xD6, 0xEE, 0x8D, 0x30, 0x0D, 0x06, 0x09,
> 0x2A,
> +  0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
> 0x13,
> +  0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08,
> 0x54,
> +  0x65, 0x73, 0x74, 0x52, 0x6F, 0x6F, 0x74, 0x30, 0x1E, 0x17, 0x0D,
> 0x31,
> +  0x38, 0x30, 0x31, 0x32, 0x35, 0x30, 0x32, 0x30, 0x35, 0x35, 0x30,
> 0x5A,
> +  0x17, 0x0D, 0x33, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35,
> 0x39,
> +  0x35, 0x39, 0x5A, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03,
> 0x55,
> +  0x04, 0x03, 0x13, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6F, 0x6F,
> 0x74,
> +  0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48,
> 0x86,
> +  0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F,
> 0x00,
> +  0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA5, 0x97,
> 0x23,
> +  0x48, 0xBE, 0xCA, 0xC8, 0xE0, 0x88, 0xC6, 0xA2, 0xAF, 0x78, 0x60,
> 0x94,
> +  0x48, 0x3E, 0x82, 0xE7, 0xD5, 0x62, 0x01, 0x73, 0x00, 0xEA, 

[edk2] [edk2-test][v3 Patch 2/3] uefi-sct/SctPkg:Add VerifySignature() Func Test

[Eric Jin]

Enable the BBTestVerifySignatureFunctionTest()
with 2 checkpoints below, it should be success.
The Certificate/Hash/Digest/signedData are updated
correspondingly.
a)Signed hash was verified against caller-provided
hash of content, the signer's certificate was not
found in RevokedDb, and was found in AllowedDb.
b)Signer is found in both AllowedDb and RevokedDb,
the signing was allowed by reference to TimeStampDb,
and no hash matching content hash was found in RevokedDb.

Cc: Supreeth Venkatesh 
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Eric Jin 
---
 .../EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c   |2 +
 .../EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h   |8 +
 .../PKCS7Verify/BlackBoxTest/Pkcs7BBTestData.c | 1466 +---
 .../PKCS7Verify/BlackBoxTest/Pkcs7BBTestFunction.c |   86 ++
 .../PKCS7Verify/BlackBoxTest/Pkcs7BBTestMain.c |   57 +-
 .../PKCS7Verify/BlackBoxTest/Pkcs7BBTestMain.h |   25 +-
 6 files changed, 1099 insertions(+), 545 deletions(-)

diff --git 
a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c 
b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c
index 142f6d4..4d433c3 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.c
@@ -42,3 +42,5 @@ EFI_GUID gPkcs7BBTestFunctionAssertionGuid001 = 
EFI_TEST_PKCS7BBTESTFUNCTION_ASS
 EFI_GUID gPkcs7BBTestFunctionAssertionGuid002 = 
EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_002_GUID;
 EFI_GUID gPkcs7BBTestFunctionAssertionGuid003 = 
EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_003_GUID;
 EFI_GUID gPkcs7BBTestFunctionAssertionGuid004 = 
EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_004_GUID;
+EFI_GUID gPkcs7BBTestFunctionAssertionGuid005 = 
EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_005_GUID;
+EFI_GUID gPkcs7BBTestFunctionAssertionGuid006 = 
EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_006_GUID;
diff --git 
a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h 
b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h
index ce980c9..94d2568 100644
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h
+++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Guid.h
@@ -81,3 +81,11 @@ extern EFI_GUID gPkcs7BBTestFunctionAssertionGuid003;
 #define EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_004_GUID \
 { 0x912e23ef, 0x299c, 0x41ab, {0xa0, 0xf5, 0xfc, 0xbc, 0xf6, 0xfd, 0xd3, 0x32 
}}
 extern EFI_GUID gPkcs7BBTestFunctionAssertionGuid004;
+
+#define EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_005_GUID \
+{ 0x93740b06, 0xa186, 0x47ff, { 0xba, 0xc3, 0xdd, 0xa8, 0xcb, 0x7b, 0x18, 0x5e 
}}
+extern EFI_GUID gPkcs7BBTestFunctionAssertionGuid005;
+
+#define EFI_TEST_PKCS7BBTESTFUNCTION_ASSERTION_006_GUID \
+{ 0x37253616, 0xca42, 0x4082, { 0x90, 0xda, 0xdb, 0x69, 0x98, 0x22, 0xa0, 0xe6 
}}
+extern EFI_GUID gPkcs7BBTestFunctionAssertionGuid006;
diff --git 
a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Pkcs7BBTestData.c
 
b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Pkcs7BBTestData.c
index 0511e00..9b66938 100644
--- 
a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Pkcs7BBTestData.c
+++ 
b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/PKCS7Verify/BlackBoxTest/Pkcs7BBTestData.c
@@ -25,541 +25,979 @@ Abstract:
 --*/
 
 //
+// Test Root Certificate ("TestRoot.cer")
+//
+GLOBAL_REMOVE_IF_UNREFERENCED UINT8 TestRootCert[781] = {
+  0x30, 0x82, 0x03, 0x09, 0x30, 0x82, 0x01, 0xF1, 0xA0, 0x03, 0x02, 0x01,
+  0x02, 0x02, 0x10, 0xDE, 0x9F, 0x42, 0x91, 0x68, 0x16, 0xEA, 0x97, 0x4D,
+  0xA1, 0x8A, 0x32, 0x25, 0xD6, 0xEE, 0x8D, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+  0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30, 0x13,
+  0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08, 0x54,
+  0x65, 0x73, 0x74, 0x52, 0x6F, 0x6F, 0x74, 0x30, 0x1E, 0x17, 0x0D, 0x31,
+  0x38, 0x30, 0x31, 0x32, 0x35, 0x30, 0x32, 0x30, 0x35, 0x35, 0x30, 0x5A,
+  0x17, 0x0D, 0x33, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39,
+  0x35, 0x39, 0x5A, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55,
+  0x04, 0x03, 0x13, 0x08, 0x54, 0x65, 0x73, 0x74, 0x52, 0x6F, 0x6F, 0x74,
+  0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
+  0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00,
+  0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA5, 0x97, 0x23,
+  0x48, 0xBE, 0xCA, 0xC8, 0xE0, 0x88, 0xC6, 0xA2, 0xAF, 0x78, 0x60, 0x94,
+  0x48, 0x3E, 0x82, 0xE7, 0xD5, 0x62, 0x01, 0x73, 0x00, 0xEA, 0x42, 0x7A,
+  0x32, 0x0A, 0xD7, 0x3F, 0x4D, 0x0B, 0x71, 0x6D, 0xD3, 0x50, 0x5E, 0x26,
+  0x20, 0xE8, 0xCC, 0xB6, 0x0A, 0xAF, 0xD9, 0x07, 0x22, 0x17, 0x45, 0xD8,
+  0x91, 0x75, 0x75, 0x52, 0xD8, 0x8C, 0xAB, 0x63, 0x0A, 0xF0, 0x23, 0x14,
+  0x34, 0x92, 0x3F, 0xE0, 0x05, 0x24, 0x28, 0xED, 0x74, 0x8E, 0x4D, 0x3E,
+