summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c5
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c7
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c31
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c7
4 files changed, 19 insertions, 31 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
index ed53b2dcbf..0b37adc33e 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
@@ -84,10 +84,7 @@ RsaGetPrivateKeyFromPem (
//
ASSERT (PemData != NULL);
ASSERT (RsaContext != NULL);
-
- if (PemSize > INT_MAX) {
- return FALSE;
- }
+ ASSERT (PemSize <= INT_MAX);
Status = FALSE;
PemBio = NULL;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
index 0370fd77a5..0321b20349 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c
@@ -60,14 +60,11 @@ AuthenticodeVerify (
UINTN ContentSize;
//
- // ASSERT if Authenticode Signature Data or PE Image Hash is NULL
+ // ASSERT if Authenticode Signature Data or PE Image Hash is NULL.
//
ASSERT (AuthData != NULL);
ASSERT (ImageHash != NULL);
-
- if (DataSize > INT_MAX) {
- return FALSE;
- }
+ ASSERT (DataSize <= INT_MAX);
Status = FALSE;
Pkcs7 = NULL;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
index c00d3bb033..47bab1004b 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
@@ -150,17 +150,13 @@ Pkcs7Sign (
//
// Check input parameters.
//
- if ((PrivateKey == NULL) || (KeyPassword == NULL) || (InData == NULL)) {
- return FALSE;
- }
-
- if ((SignCert == NULL) || (SignedData == NULL) || (SignedDataSize == NULL)) {
- return FALSE;
- }
-
- if (InDataSize > INT_MAX) {
- return FALSE;
- }
+ ASSERT (PrivateKey != NULL);
+ ASSERT (KeyPassword != NULL);
+ ASSERT (InData != NULL);
+ ASSERT (SignCert != NULL);
+ ASSERT (SignedData != NULL);
+ ASSERT (SignedDataSize != NULL);
+ ASSERT (InDataSize <= INT_MAX);
RsaContext = NULL;
Key = NULL;
@@ -311,13 +307,14 @@ Pkcs7Verify (
BOOLEAN Wrapped;
//
- // ASSERT if P7Data is NULL or P7Length is not larger than 19 bytes.
+ // ASSERT if any input parameter is invalid.
//
- ASSERT ((P7Data != NULL) || (P7Length <= 19));
-
- if ((CertLength > INT_MAX) || (DataLength > INT_MAX)) {
- return FALSE;
- }
+ ASSERT (P7Data != NULL);
+ ASSERT (TrustedCert != NULL);
+ ASSERT (InData != NULL);
+ ASSERT (P7Length <= INT_MAX);
+ ASSERT (CertLength <= INT_MAX);
+ ASSERT (DataLength <= INT_MAX);
Status = FALSE;
Pkcs7 = NULL;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 88c21369b6..3a5485e002 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -45,12 +45,9 @@ X509ConstructCertificate (
//
// ASSERT if Cert is NULL or SingleX509Cert is NULL.
//
- ASSERT (Cert != NULL);
+ ASSERT (Cert != NULL);
ASSERT (SingleX509Cert != NULL);
-
- if (CertSize > INT_MAX) {
- return FALSE;
- }
+ ASSERT (CertSize <= INT_MAX);
Status = FALSE;