BaseTools/Pkcs7Sign: Update the test certificates & Readme.md

The old TestRoot certificate used for Pkcs7Sign is not compliant to
Root CA certificate requirement with incorrect basic constraints and
key usage setting.
When OpenSSL in CryptoPkg was updated from 1.0.2xx to the latest
1.1.0xx, the CA certificate checking was enforced for more extension
validations, which will raise the verification failure when stilling
using the old sample certificates.

This patch re-generated one set of test certificates used in
Pkcs7Sign demo, and updated the corresponding Readme.md to describe
how to set the options in openssl configuration file.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Long Qin <qin.long@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

BaseTools/Source/Python/Pkcs7Sign/TestRoot.pem

@@ -1,56 +1,58 @@
-Bag Attributes
-    localKeyID: 01 00 00 00 
-    Microsoft CSP Name: Microsoft Strong Cryptographic Provider
-    friendlyName: PvkTmp:76c92422-d6f3-4763-9b80-b423fd921d00
-Key Attributes
-    X509v3 Key Usage: 80 
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCU5jNPVsMHoNCZ
-V8PhVkIBcFkcL0pmjzSek7227JKkkFFdxo+1w4YV32CAvrh4WVub/SeSaczKjj6e
-gUdbhO9cm7NKQ1uNCzEEALaKwKn1IdA/zbBnfVAzLvsbLBYu7lYBh/bI1FMHZ5kL
-Rr8dkMbbf21iDEqsqKI8eQ+tj/7B6OUnPfmmmh3sml9iUS6YHSm6a4r7Qw5oKfW+
-Z0hEKEX+HTtQcmrAuwyfAmGtY6eH9jKfPhZc7swFvRfoRlKvUIqmfhZpg2lbbk3H
-z4C4zfZmP75soOicJmC6qQXdcUq9AKgM91CrRNY+hyE8LeYzJ14hJ7ncOEjWOpbh
-F0dlZc49AgMBAAECgf8dY26Sej8u15Xiri/l3zXgy7aR7uAAbFGoM8fv2exQgIDk
-FrdxTDtqzqTSxGAkfUWs4Ip2DUEeZDwF/qjW4FCzb3mI/QmNt70Yd9KsEDAmDkZ2
-wylcYC2l7IqVEl6HZMpNyiu5hfXdTn/tlkkUIiKr6POYmFR6IyPiS61Tm4LQXyhv
-iW+Lx0GqFQcH82CsbNRNgJGJk/BIiHn7kNDi5rRrKsmTuKEQB9iwF/rKp+lnJN0g
-4qTv2bbZVxj39QWdOovU5LCL+1WJdkA2mpFpZjBEsTdF+UEGCbixdiftfovnZa64
-rofw3pIxr97XS42D3OmdPmSokpwqcQtjTXfScCECgYEAvxBMHcEFMZX644hhZtH7
-t0/PCka9DUBZfe58r+lmgSvlbMCka9OvKGtr86+j0IdWqmGWxRHAuk3KR3NIC3EU
-mD0rYSWiStW0I/cmHidS/a9OdWWHtWi1LcXX7KBn9AjKjPzghqAfDAkRxYfZKLIo
-PRL44O/RM6nJ1j7az5CgWR0CgYEAx4FW/xVVL1Z0kn/VyNVYLdlhV4zMNn6Cu0ko
-jebQydDBh4Tsne2A4dPonZQSsEiJ6jhzaUZr7l5OAEp+0aX0M/h6JbxTcA4CK3Xr
-X2TAaOCkPc1r0I79ZduKymyMNrWfXHenvFVl57klp9eFRQJ6o+pZB9ysFzPHXbci
-4VCsX6ECgYBMqAdB8M1apafxXihmDl2FoJmar+LtzCGbqvGPyn772FbGGUxejqG5
-/89iB9gbtBELbvgEvSisFsXPgOso3Ae9RN2Aro68o50QyPocIv7jFVDPPRsDp6z5
-XmVRZNIQUO6jPln+6YNLWuAsdmKkN0Z5qoD8DnvK1JZMRQ+ZM5eB6QKBgQCuvz+w
-VsMyn4uj9o0PSK/gGRQGV7FX2iAwY7g98vrWix+40FlhS3MkWzTZMaXc+uyyV5ff
-kmtfcwLnhljm0XHBQ9fZzcdX0y1bXAI6oElYk8vIxnG1UEnsOgyrmcCG+zcHC1fE
-wxhri+TLyx9UfwNlKBOrq0KhYB00nQDUUpFpgQKBgQCPWpNeNQ8hCARnayhzu2fE
-HEPG1P/resOp0u+c4jy4TeHVa9806wqZlkYNRKNn09Ub5Ajpp05dwdb+JvUSkWwr
-vOmE94WeLg5FuNzPAQjwAe+Eq54Vk8TdAhdLSu1m2xdBKFtEOk6TQTmRBCiknwhg
-19TgHd8hEFnz6ZICAeWGbQ==
------END PRIVATE KEY-----
-Bag Attributes
-    localKeyID: 01 00 00 00 
-subject=/CN=TestRoot
-issuer=/CN=TestRoot
------BEGIN CERTIFICATE-----
-MIIC8DCCAdygAwIBAgIQNDAnfwU9lYVDoKT1DJrnyjAJBgUrDgMCHQUAMBMxETAP
-BgNVBAMTCFRlc3RSb290MB4XDTE2MDgwNDE1MDE0OFoXDTM5MTIzMTIzNTk1OVow
-EzERMA8GA1UEAxMIVGVzdFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQCU5jNPVsMHoNCZV8PhVkIBcFkcL0pmjzSek7227JKkkFFdxo+1w4YV32CA
-vrh4WVub/SeSaczKjj6egUdbhO9cm7NKQ1uNCzEEALaKwKn1IdA/zbBnfVAzLvsb
-LBYu7lYBh/bI1FMHZ5kLRr8dkMbbf21iDEqsqKI8eQ+tj/7B6OUnPfmmmh3sml9i
-US6YHSm6a4r7Qw5oKfW+Z0hEKEX+HTtQcmrAuwyfAmGtY6eH9jKfPhZc7swFvRfo
-RlKvUIqmfhZpg2lbbk3Hz4C4zfZmP75soOicJmC6qQXdcUq9AKgM91CrRNY+hyE8
-LeYzJ14hJ7ncOEjWOpbhF0dlZc49AgMBAAGjSDBGMEQGA1UdAQQ9MDuAEM61es/l
-Icdr8+yS1L9lKjWhFTATMREwDwYDVQQDEwhUZXN0Um9vdIIQNDAnfwU9lYVDoKT1
-DJrnyjAJBgUrDgMCHQUAA4IBAQBrDeAK0O5bP7ZzSGLo9Fvh7dkAxeUOaPtTMzBq
-YLruOFtRY3DVfgX+5EUqFWIb/Nh1k1b25gaFIfcIRya5/gVOkCJU9DkJTFyOzXw7
-r0stGAb0XCQqZPdZdSiXqZAsukYCamRmSTLLXTT+JOREsMKtFxsFfdNYiC6+Dtcr
-yly/KCU92Ls8OFLmJ/rSuEVrX39LsCMF6K9n6OJsL5/4c3/DF7yyalsq82vT3H/f
-L9CrBgz+A+eNguyEPch97ctqWzVIVQf7qngaAbuYRYvaiuMhV4YVIxdQG5y8Glmo
-Kq06fgEkg/ewYea9T9mRkKcquQw7q5UgHPB0zgK6FF3xkSVK
------END CERTIFICATE-----
+Bag Attributes
+    localKeyID: F4 2E C8 1D 29 A0 02 47 B7 93 2B 69 8D 8D D1 33 7A E3 09 30 
+subject=/C=CN/ST=SH/L=SH/O=TianoCore/OU=EDKII/CN=TestRoot/emailAddress=edkii@tianocore.org
+issuer=/C=CN/ST=SH/L=SH/O=TianoCore/OU=EDKII/CN=TestRoot/emailAddress=edkii@tianocore.org
+-----BEGIN CERTIFICATE-----
+MIID7DCCAtSgAwIBAgIJAMCRxeK3ZsD4MA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
+VQQGEwJDTjELMAkGA1UECAwCU0gxCzAJBgNVBAcMAlNIMRIwEAYDVQQKDAlUaWFu
+b0NvcmUxDjAMBgNVBAsMBUVES0lJMREwDwYDVQQDDAhUZXN0Um9vdDEiMCAGCSqG
+SIb3DQEJARYTZWRraWlAdGlhbm9jb3JlLm9yZzAeFw0xNzA0MTAwODI3NDBaFw0x
+NzA1MTAwODI3NDBaMIGCMQswCQYDVQQGEwJDTjELMAkGA1UECAwCU0gxCzAJBgNV
+BAcMAlNIMRIwEAYDVQQKDAlUaWFub0NvcmUxDjAMBgNVBAsMBUVES0lJMREwDwYD
+VQQDDAhUZXN0Um9vdDEiMCAGCSqGSIb3DQEJARYTZWRraWlAdGlhbm9jb3JlLm9y
+ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALkpKWxgDNcj9n3u8GL/
+2cmqVYyBlVY/t1ZTsMKCEsU7dSO5TdbEVXPzqpWoG/OTfp5A5B0inJMHC9eqW9fk
+GiGE12NZA1Af9RRVk5Gb9VKwvw5caDtZUpiWVuGrxEO7BVd4RQGfWBVTDhGULw7x
+phmiboY5KzONx8Xr7h4z0zKUwVnEDJcLEkhfM/ZgdH1XwhMtfamHozXqkYM/Z3qS
+HwFTn2JfmRL9cxstnitsNEmvTwePwOlrnl95NdoqXIju9khh2pbjSEaglByd9lyH
+Du90CZENPVrnxUyKeqyhhbZnRBdVUjroEU1YopMAYup7gO3Pvd91gEu5ZWOtC010
++lkCAwEAAaNjMGEwHQYDVR0OBBYEFBaq1o4bLUPzLbAkrTZlP7L6sSztMB8GA1Ud
+IwQYMBaAFBaq1o4bLUPzLbAkrTZlP7L6sSztMA8GA1UdEwEB/wQFMAMBAf8wDgYD
+VR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQCV3t+kFNuSIngavTGdHtcv
+ChARXXRh6DDE8xXpMFT0uwwEeBNdLN2MkpDRnNDQGKOj/IwoWtSRTQjD9hrI3aYI
+WOIVlfstLYqxMIC9mrbhLCA+3cTHVWXPKBf07tq+d3DVUtYVevutr/3VRZBa5jFC
+14SzSVZq00fzv2hgiw/ir/Tj7BK54joWEU5Nc3mvR4VMdiaeizLAjsLcJ6bvrJOe
+oV7PNEXgKsedTdfXN3KX+Fj5tjVI8dEKcn/9TXzpzNhIG0lSU95RAVM1vJDNjIrM
+QyCnRf8rVbCLLf9VFUuE0MPTkJyUS1XVYuoiq2Jo3VPG3KXdmi2OeXwunORmgIwd
+-----END CERTIFICATE-----
+Bag Attributes
+    localKeyID: F4 2E C8 1D 29 A0 02 47 B7 93 2B 69 8D 8D D1 33 7A E3 09 30 
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5KSlsYAzXI/Z9
+7vBi/9nJqlWMgZVWP7dWU7DCghLFO3UjuU3WxFVz86qVqBvzk36eQOQdIpyTBwvX
+qlvX5BohhNdjWQNQH/UUVZORm/VSsL8OXGg7WVKYllbhq8RDuwVXeEUBn1gVUw4R
+lC8O8aYZom6GOSszjcfF6+4eM9MylMFZxAyXCxJIXzP2YHR9V8ITLX2ph6M16pGD
+P2d6kh8BU59iX5kS/XMbLZ4rbDRJr08Hj8Dpa55feTXaKlyI7vZIYdqW40hGoJQc
+nfZchw7vdAmRDT1a58VMinqsoYW2Z0QXVVI66BFNWKKTAGLqe4Dtz73fdYBLuWVj
+rQtNdPpZAgMBAAECggEAci5d6wT4Jht5P4N/Ha2kweWWR8UJMFyuVD/bura3mITn
+4ZW92HjOMWjLgupeAkCsTi65/PWBFHG97cqSRHnXW2At6ofTsS9j1JxJGfvQtqNj
+zhlR9XdJperfvN5Nc277BkuWUj/O86d5/4Ef29lMknZGLeNHLs15qiWpe1p+HKvt
++DfL7Prl5qWA5G90QmXgRQJbThl1TYLCYkETB+9m3MIRm8Z01XKH+fm4ahgclEkG
+XaQl04DhMEo7A/sC8NUnozOMEf81Ixkt3wEpoEDtZ+WhRTrgLF23Q4sXAIBMlEfz
+Pz2UaX/9KBT1dRbZseStIjJKMc8qd+pC7Ww2tuHEOQKBgQDmLdFSgHc2URQW/Otj
+fr9S/Z7EPSOA/tmh4dFhQGwzKF4Us838deRz2cRTbgq5BHuBCrMEPRBiX8h4WLEB
+NVZ73JjgOfyshcDXWNg5noc9f24HYHMZnjcFmHNokpyIgxLl2qgN8f03doJEmKkj
+pm/VnfZmkGDd65IXRp8MYMTQOwKBgQDN7ofqKWK5SA+vt+tDOkCYq6eHKb9+ImPh
+PreikT5xc9SMtb0tGlIjKydsiqA9Jv1WRnpUG0fVfMyagBSOrKt9wC143VEvOtkR
+QJehmLLYG97HP7CXtniAWeKuc2pfCd+nGdHLFmduuTEEDcxab5LQc5dvYQ/RfznF
+YVunt73qewKBgQCg11VUpCYpU2CJa7SEMtY4hLbDg8FiazLiVqx7m4u/964+IyKG
+Dk9T0NDKR7PAc2xl0HclOBJR24J27erJ4F6NcKl2za5NU61cDV4SbT8tbvUQvInR
+Veg2xb+nTAOLtKOo8DDMhdMeRXZjvpU6LxwolhfOtYaqq+jK0PNkr933bwKBgA0G
+RiBgR7cyQJO7jSyuVYGSccERuePPZwPLBLBKgWmJiurvX6ynmoRQ6WhrCCF2AtXf
+FUOWih+Nih9HdIVllF8atYWMceML1MjLjguRbdZPRPLTK2cdClgL11NzR0oFhNi7
+wFIY86fEHL6F5OPfZKi8dtp7iBWW919tfe+IpoFbAoGBAMzNKKBHG5eMuKQI/Dww
+50PDHu25TGUiTc1bHx18v7mGlcvhEPkDYAKd3y7FN5VRoooarGYlLDHXez0FvDTa
+ABFUUad70bULTqRTSmld0I9CWWnYs0vaFKgIemddQ7W2eXr7N+N+ED+OK/PvWjMq
+LMKhChf252RfOYdB+WN6alVG
+-----END PRIVATE KEY-----