Add CryptoPkg/Library/BaseCryptLib/ and CryptoPkg/Library/OpensslLib/openssl-rebase-helper-start

12 files changed, 776 insertions, 0 deletions

diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_comp.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_comp.c
new file mode 100644
index 00000000..0d548f93
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_comp.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME compress example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    /*
+     * On OpenSSL 1.0.0+ only:
+     * for streaming set CMS_STREAM
+     */
+    int flags = CMS_STREAM;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Open content being compressed */
+
+    in = BIO_new_file("comp.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* compress content */
+    cms = CMS_compress(in, NID_zlib_compression, flags);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smcomp.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Write out S/MIME message */
+    if (!SMIME_write_CMS(out, cms, in, flags))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Compressing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    BIO_free(in);
+    BIO_free(out);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_ddec.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_ddec.c
new file mode 100644
index 00000000..8f2e9aec
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_ddec.c
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * S/MIME detached data decrypt example: rarely done but should the need
+ * arise this is an example....
+ */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL, *dcont = NULL;
+    X509 *rcert = NULL;
+    EVP_PKEY *rkey = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate and private key */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!rcert || !rkey)
+        goto err;
+
+    /* Open PEM file containing enveloped data */
+
+    in = BIO_new_file("smencr.pem", "r");
+
+    if (!in)
+        goto err;
+
+    /* Parse PEM content */
+    cms = PEM_read_bio_CMS(in, NULL, 0, NULL);
+
+    if (!cms)
+        goto err;
+
+    /* Open file containing detached content */
+    dcont = BIO_new_file("smencr.out", "rb");
+
+    if (!in)
+        goto err;
+
+    out = BIO_new_file("encrout.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Decrypt S/MIME message */
+    if (!CMS_decrypt(cms, rkey, rcert, dcont, out, 0))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Decrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    X509_free(rcert);
+    EVP_PKEY_free(rkey);
+    BIO_free(in);
+    BIO_free(out);
+    BIO_free(tbio);
+    BIO_free(dcont);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_dec.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_dec.c
new file mode 100644
index 00000000..4f9428b4
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_dec.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME decryption example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *rcert = NULL;
+    EVP_PKEY *rkey = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate and private key */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!rcert || !rkey)
+        goto err;
+
+    /* Open S/MIME message to decrypt */
+
+    in = BIO_new_file("smencr.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Parse message */
+    cms = SMIME_read_CMS(in, NULL);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("decout.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Decrypt S/MIME message */
+    if (!CMS_decrypt(cms, rkey, rcert, NULL, out, 0))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Decrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    X509_free(rcert);
+    EVP_PKEY_free(rkey);
+    BIO_free(in);
+    BIO_free(out);
+    BIO_free(tbio);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_denc.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_denc.c
new file mode 100644
index 00000000..adba69b9
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_denc.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * S/MIME detached data encrypt example: rarely done but should the need
+ * arise this is an example....
+ */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL, *dout = NULL;
+    X509 *rcert = NULL;
+    STACK_OF(X509) *recips = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    int flags = CMS_STREAM | CMS_DETACHED;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    if (!rcert)
+        goto err;
+
+    /* Create recipient STACK and add recipient cert to it */
+    recips = sk_X509_new_null();
+
+    if (!recips || !sk_X509_push(recips, rcert))
+        goto err;
+
+    /*
+     * sk_X509_pop_free will free up recipient STACK and its contents so set
+     * rcert to NULL so it isn't freed up twice.
+     */
+    rcert = NULL;
+
+    /* Open content being encrypted */
+
+    in = BIO_new_file("encr.txt", "r");
+
+    dout = BIO_new_file("smencr.out", "wb");
+
+    if (!in)
+        goto err;
+
+    /* encrypt content */
+    cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smencr.pem", "w");
+    if (!out)
+        goto err;
+
+    if (!CMS_final(cms, in, dout, flags))
+        goto err;
+
+    /* Write out CMS structure without content */
+    if (!PEM_write_bio_CMS(out, cms))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Encrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    X509_free(rcert);
+    sk_X509_pop_free(recips, X509_free);
+    BIO_free(in);
+    BIO_free(out);
+    BIO_free(dout);
+    BIO_free(tbio);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_enc.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_enc.c
new file mode 100644
index 00000000..4d17d720
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_enc.c
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME encrypt example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *rcert = NULL;
+    STACK_OF(X509) *recips = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    /*
+     * On OpenSSL 1.0.0 and later only:
+     * for streaming set CMS_STREAM
+     */
+    int flags = CMS_STREAM;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    if (!rcert)
+        goto err;
+
+    /* Create recipient STACK and add recipient cert to it */
+    recips = sk_X509_new_null();
+
+    if (!recips || !sk_X509_push(recips, rcert))
+        goto err;
+
+    /*
+     * sk_X509_pop_free will free up recipient STACK and its contents so set
+     * rcert to NULL so it isn't freed up twice.
+     */
+    rcert = NULL;
+
+    /* Open content being encrypted */
+
+    in = BIO_new_file("encr.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* encrypt content */
+    cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smencr.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Write out S/MIME message */
+    if (!SMIME_write_CMS(out, cms, in, flags))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Encrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    X509_free(rcert);
+    sk_X509_pop_free(recips, X509_free);
+    BIO_free(in);
+    BIO_free(out);
+    BIO_free(tbio);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_sign.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_sign.c
new file mode 100644
index 00000000..15bd5b8d
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_sign.c
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *scert = NULL;
+    EVP_PKEY *skey = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    /*
+     * For simple S/MIME signing use CMS_DETACHED. On OpenSSL 1.0.0 only: for
+     * streaming detached set CMS_DETACHED|CMS_STREAM for streaming
+     * non-detached set CMS_STREAM
+     */
+    int flags = CMS_DETACHED | CMS_STREAM;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in signer certificate and private key */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!scert || !skey)
+        goto err;
+
+    /* Open content being signed */
+
+    in = BIO_new_file("sign.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Sign content */
+    cms = CMS_sign(scert, skey, NULL, in, flags);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smout.txt", "w");
+    if (!out)
+        goto err;
+
+    if (!(flags & CMS_STREAM))
+        BIO_reset(in);
+
+    /* Write out S/MIME message */
+    if (!SMIME_write_CMS(out, cms, in, flags))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Signing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    X509_free(scert);
+    EVP_PKEY_free(skey);
+    BIO_free(in);
+    BIO_free(out);
+    BIO_free(tbio);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_sign2.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_sign2.c
new file mode 100644
index 00000000..14ebf277
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_sign2.c
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* S/MIME signing example: 2 signers */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *scert = NULL, *scert2 = NULL;
+    EVP_PKEY *skey = NULL, *skey2 = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    BIO_free(tbio);
+
+    tbio = BIO_new_file("signer2.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!scert2 || !skey2)
+        goto err;
+
+    in = BIO_new_file("sign.txt", "r");
+
+    if (!in)
+        goto err;
+
+    cms = CMS_sign(NULL, NULL, NULL, in, CMS_STREAM | CMS_PARTIAL);
+
+    if (!cms)
+        goto err;
+
+    /* Add each signer in turn */
+
+    if (!CMS_add1_signer(cms, scert, skey, NULL, 0))
+        goto err;
+
+    if (!CMS_add1_signer(cms, scert2, skey2, NULL, 0))
+        goto err;
+
+    out = BIO_new_file("smout.txt", "w");
+    if (!out)
+        goto err;
+
+    /* NB: content included and finalized by SMIME_write_CMS */
+
+    if (!SMIME_write_CMS(out, cms, in, CMS_STREAM))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Signing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    X509_free(scert);
+    EVP_PKEY_free(skey);
+    X509_free(scert2);
+    EVP_PKEY_free(skey2);
+    BIO_free(in);
+    BIO_free(out);
+    BIO_free(tbio);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_uncomp.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_uncomp.c
new file mode 100644
index 00000000..3e3b4c4c
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_uncomp.c
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME uncompression example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Open compressed content */
+
+    in = BIO_new_file("smcomp.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Sign content */
+    cms = SMIME_read_CMS(in, NULL);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smuncomp.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Uncompress S/MIME message */
+    if (!CMS_uncompress(cms, out, NULL, 0))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Uncompressing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    BIO_free(in);
+    BIO_free(out);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_ver.c b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_ver.c
new file mode 100644
index 00000000..43c10e25
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/cms_ver.c
@@ -0,0 +1,85 @@
+/*
+ * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/* Simple S/MIME verification example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
+    X509_STORE *st = NULL;
+    X509 *cacert = NULL;
+    CMS_ContentInfo *cms = NULL;
+
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Set up trusted CA certificate store */
+
+    st = X509_STORE_new();
+
+    /* Read in CA certificate */
+    tbio = BIO_new_file("cacert.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    if (!cacert)
+        goto err;
+
+    if (!X509_STORE_add_cert(st, cacert))
+        goto err;
+
+    /* Open message being verified */
+
+    in = BIO_new_file("smout.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* parse message */
+    cms = SMIME_read_CMS(in, &cont);
+
+    if (!cms)
+        goto err;
+
+    /* File to output verified content to */
+    out = BIO_new_file("smver.txt", "w");
+    if (!out)
+        goto err;
+
+    if (!CMS_verify(cms, NULL, st, cont, out, 0)) {
+        fprintf(stderr, "Verification Failure\n");
+        goto err;
+    }
+
+    fprintf(stderr, "Verification Successful\n");
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Verifying Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    CMS_ContentInfo_free(cms);
+    X509_free(cacert);
+    BIO_free(in);
+    BIO_free(out);
+    BIO_free(tbio);
+    return ret;
+}
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/comp.txt b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/comp.txt
new file mode 100644
index 00000000..1672328e
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/comp.txt
@@ -0,0 +1,22 @@
+Content-type: text/plain
+
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/encr.txt b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/encr.txt
new file mode 100644
index 00000000..0eceb407
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/encr.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Sample OpenSSL Data for CMS encryption
diff --git a/CryptoPkg/Library/OpensslLib/openssl/demos/cms/sign.txt b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/sign.txt
new file mode 100644
index 00000000..c3f9d73d
--- /dev/null
+++ b/CryptoPkg/Library/OpensslLib/openssl/demos/cms/sign.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Test OpenSSL CMS Signed Content