CryptoPkg: Add some comments for API usage clarification.

This patch adds some comments for API usage clarification, and
adds one object initialization in X509ConstructCertificateStack
implementation to fix possible memory release issue.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17671 6f19259b-4bc3-4df7-8a09-765794883524

1 files changed, 3 insertions, 1 deletions

diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index 364fa3ca15..d3b211bec5 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -1631,6 +1631,8 @@ RsaGenerateKey (
 

 /**

   Validates key components of RSA context.

+  NOTE: This function performs integrity checks on all the RSA key material, so

+        the RSA key structure must contain all the private key data.

 

   This function validates key compoents of RSA context in following aspects:

   - Whether p is a prime

@@ -1859,7 +1861,7 @@ X509ConstructCertificate (
   If X509Stack is NULL, then return FALSE.

   If this interface is not supported, then return FALSE.

 

-  @param[in, out]  X509Stack  On input, pointer to an existing X509 stack object.

+  @param[in, out]  X509Stack  On input, pointer to an existing or NULL X509 stack object.

                               On output, pointer to the X509 stack object with new

                               inserted X509 certificate.

   @param           ...        A list of DER-encoded single certificate data followed