CryptoPkg: Clean up source files

[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / Pk / CryptPkcs7Sign.c

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
index 63fe78fc8655514a747db6321b6cb1d8583002d5..bc804015624d91468e02b12d03b60f202ac23113 100644 (file)
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c
@@ -1,7 +1,7 @@
 /** @file\r
   PKCS#7 SignedData Sign Wrapper Implementation over OpenSSL.\r
 \r
-Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -18,7 +18,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <openssl/x509.h>\r
 #include <openssl/pkcs7.h>\r
 \r
-\r
 /**\r
   Creates a PKCS#7 signedData as described in "PKCS #7: Cryptographic Message\r
   Syntax Standard, version 1.5". This interface is only intended to be used for\r
@@ -35,7 +34,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
   @param[in]  OtherCerts       Pointer to an optional additional set of certificates to\r
                                include in the PKCS#7 signedData (e.g. any intermediate\r
                                CAs in the chain).\r
-  @param[out] SignedData       Pointer to output PKCS#7 signedData.\r
+  @param[out] SignedData       Pointer to output PKCS#7 signedData. It's caller's\r
+                               responsibility to free the buffer with FreePool().\r
   @param[out] SignedDataSize   Size of SignedData in bytes.\r
 \r
   @retval     TRUE             PKCS#7 data signing succeeded.\r
@@ -116,12 +116,12 @@ Pkcs7Sign (
   if (Key == NULL) {\r
     goto _Exit;\r
   }\r
-  Key->save_type = EVP_PKEY_RSA;\r
-  Key->type      = EVP_PKEY_type (EVP_PKEY_RSA);\r
-  Key->pkey.rsa  = (RSA *) RsaContext;\r
+  if (EVP_PKEY_assign_RSA (Key, (RSA *) RsaContext) == 0) {\r
+    goto _Exit;\r
+  }\r
 \r
   //\r
-  // Convert the data to be signed to BIO format. \r
+  // Convert the data to be signed to BIO format.\r
   //\r
   DataBio = BIO_new (BIO_s_mem ());\r
   if (DataBio == NULL) {\r
@@ -168,14 +168,14 @@ Pkcs7Sign (
   // is totally 19 bytes.\r
   //\r
   *SignedDataSize = P7DataSize - 19;\r
-  *SignedData     = malloc (*SignedDataSize);\r
+  *SignedData     = AllocatePool (*SignedDataSize);\r
   if (*SignedData == NULL) {\r
     OPENSSL_free (P7Data);\r
     goto _Exit;\r
   }\r
 \r
   CopyMem (*SignedData, P7Data + 19, *SignedDataSize);\r
-  \r
+\r
   OPENSSL_free (P7Data);\r
 \r
   Status = TRUE;\r
@@ -184,13 +184,6 @@ _Exit:
   //\r
   // Release Resources\r
   //\r
-  if (RsaContext != NULL) {\r
-    RsaFree (RsaContext);\r
-    if (Key != NULL) {\r
-      Key->pkey.rsa = NULL;\r
-    }\r
-  }\r
-\r
   if (Key != NULL) {\r
     EVP_PKEY_free (Key);\r
   }\r