+\r
+/**\r
+ Validate UEFI-OpenSSL PKCS#7 Signing & Verification Interfaces.\r
+\r
+ @retval EFI_SUCCESS Validation succeeded.\r
+ @retval EFI_ABORTED Validation failed.\r
+\r
+**/\r
+EFI_STATUS\r
+ValidateCryptPkcs7 (\r
+ VOID\r
+ )\r
+{\r
+ BOOLEAN Status;\r
+ UINT8 *P7SignedData;\r
+ UINTN P7SignedDataSize;\r
+ UINT8 *SignCert;\r
+\r
+ P7SignedData = NULL;\r
+ SignCert = NULL;\r
+\r
+ Print (L"\nUEFI-OpenSSL PKCS#7 Signing & Verification Testing: ");\r
+\r
+ Print (L"\n- Create PKCS#7 signedData ...");\r
+\r
+ //\r
+ // Construct Signer Certificate from RAW data.\r
+ //\r
+ Status = X509ConstructCertificate (TestCert, sizeof (TestCert), (UINT8 **) &SignCert);\r
+ if (!Status || SignCert == NULL) {\r
+ Print (L"[Fail]");\r
+ goto _Exit;\r
+ } else {\r
+ Print (L"[Pass]");\r
+ }\r
+\r
+ //\r
+ // Create PKCS#7 signedData on Payload. \r
+ // Note: Caller should release P7SignedData manually.\r
+ //\r
+ Status = Pkcs7Sign (\r
+ TestKeyPem,\r
+ sizeof (TestKeyPem),\r
+ (CONST UINT8 *) PemPass,\r
+ (UINT8 *) Payload,\r
+ AsciiStrLen (Payload),\r
+ SignCert,\r
+ NULL,\r
+ &P7SignedData,\r
+ &P7SignedDataSize\r
+ );\r
+ if (!Status || P7SignedDataSize == 0) {\r
+ Print (L"[Fail]");\r
+ goto _Exit;\r
+ } else {\r
+ Print (L"[Pass]");\r
+ }\r
+\r
+ Print (L"\n- Verify PKCS#7 signedData ...");\r
+\r
+ Status = Pkcs7Verify (\r
+ P7SignedData,\r
+ P7SignedDataSize,\r
+ TestCACert,\r
+ sizeof (TestCACert),\r
+ (UINT8 *) Payload,\r
+ AsciiStrLen (Payload)\r
+ );\r
+ if (!Status) {\r
+ Print (L"[Fail]");\r
+ } else {\r
+ Print (L"[Pass]");\r
+ }\r
+\r
+_Exit:\r
+ if (P7SignedData != NULL) {\r
+ FreePool (P7SignedData);\r
+ }\r
+ if (SignCert != NULL) {\r
+ X509Free (SignCert);\r
+ }\r
+\r
+ Print (L"\n");\r
+ return EFI_SUCCESS;\r
+}\r