summaryrefslogtreecommitdiff
path: root/CryptoPkg
diff options
context:
space:
mode:
Diffstat (limited to 'CryptoPkg')
-rw-r--r--CryptoPkg/Include/Library/BaseCryptLib.h4
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c4
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c3
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c2
-rw-r--r--CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Pk/CryptX509Null.c2
5 files changed, 10 insertions, 5 deletions
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index 364fa3ca15..d3b211bec5 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -1631,6 +1631,8 @@ RsaGenerateKey (
/**
Validates key components of RSA context.
+ NOTE: This function performs integrity checks on all the RSA key material, so
+ the RSA key structure must contain all the private key data.
This function validates key compoents of RSA context in following aspects:
- Whether p is a prime
@@ -1859,7 +1861,7 @@ X509ConstructCertificate (
If X509Stack is NULL, then return FALSE.
If this interface is not supported, then return FALSE.
- @param[in, out] X509Stack On input, pointer to an existing X509 stack object.
+ @param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object.
On output, pointer to the X509 stack object with new
inserted X509 certificate.
@param ... A list of DER-encoded single certificate data followed
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
index 5c21d121f5..b890704a2e 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
@@ -243,7 +243,9 @@ _Exit:
}
/**
- Validates key components of RSA context.
+ Validates key components of RSA context.
+ NOTE: This function performs integrity checks on all the RSA key material, so
+ the RSA key structure must contain all the private key data.
This function validates key compoents of RSA context in following aspects:
- Whether p is a prime
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 02851d5701..70b135a754 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -67,7 +67,7 @@ X509ConstructCertificate (
If X509Stack is NULL, then return FALSE.
- @param[in, out] X509Stack On input, pointer to an existing X509 stack object.
+ @param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object.
On output, pointer to the X509 stack object with new
inserted X509 certificate.
@param ... A list of DER-encoded single certificate data followed
@@ -132,6 +132,7 @@ X509ConstructCertificateStack (
//
// Construct X509 Object from the given DER-encoded certificate data.
//
+ X509Cert = NULL;
Status = X509ConstructCertificate (
(CONST UINT8 *) Cert,
CertSize,
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
index e1eb84d99b..51aa0633a8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509Null.c
@@ -44,7 +44,7 @@ X509ConstructCertificate (
Return FALSE to indicate this interface is not supported.
- @param[in, out] X509Stack On input, pointer to an existing X509 stack object.
+ @param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object.
On output, pointer to the X509 stack object with new
inserted X509 certificate.
@param ... A list of DER-encoded single certificate data followed
diff --git a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Pk/CryptX509Null.c b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Pk/CryptX509Null.c
index c43ca07583..f5d9aa1076 100644
--- a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Pk/CryptX509Null.c
+++ b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/Pk/CryptX509Null.c
@@ -44,7 +44,7 @@ X509ConstructCertificate (
Return FALSE to indicate this interface is not supported.
- @param[in, out] X509Stack On input, pointer to an existing X509 stack object.
+ @param[in, out] X509Stack On input, pointer to an existing or NULL X509 stack object.
On output, pointer to the X509 stack object with new
inserted X509 certificate.
@param ... A list of DER-encoded single certificate data followed