/** @file\r
PKCS#7 SignedData Verification Wrapper Implementation over OpenSSL.\r
\r
-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
//\r
// Check input parameters.\r
//\r
- ASSERT (PrivateKey != NULL);\r
- ASSERT (KeyPassword != NULL);\r
- ASSERT (InData != NULL);\r
- ASSERT (SignCert != NULL);\r
- ASSERT (SignedData != NULL);\r
- ASSERT (SignedDataSize != NULL);\r
- ASSERT (InDataSize <= INT_MAX);\r
+ if (PrivateKey == NULL || KeyPassword == NULL || InData == NULL ||\r
+ SignCert == NULL || SignedData == NULL || SignedDataSize == NULL || InDataSize > INT_MAX) {\r
+ return FALSE;\r
+ }\r
\r
RsaContext = NULL;\r
Key = NULL;\r
Cryptographic Message Syntax Standard". The input signed data could be wrapped\r
in a ContentInfo structure.\r
\r
- If P7Data is NULL, then ASSERT().\r
+ If P7Data, TrustedCert or InData is NULL, then return FALSE.\r
+ If P7Length, CertLength or DataLength overflow, then return FAlSE.\r
\r
@param[in] P7Data Pointer to the PKCS#7 message to verify.\r
@param[in] P7Length Length of the PKCS#7 message in bytes.\r
BOOLEAN Wrapped;\r
\r
//\r
- // ASSERT if any input parameter is invalid.\r
+ // Check input parameters.\r
//\r
- ASSERT (P7Data != NULL);\r
- ASSERT (TrustedCert != NULL);\r
- ASSERT (InData != NULL);\r
- ASSERT (P7Length <= INT_MAX);\r
- ASSERT (CertLength <= INT_MAX);\r
- ASSERT (DataLength <= INT_MAX);\r
-\r
+ if (P7Data == NULL || TrustedCert == NULL || InData == NULL || \r
+ P7Length > INT_MAX || CertLength > INT_MAX || DataLength > INT_MAX) {\r
+ return FALSE;\r
+ }\r
+ \r
Status = FALSE;\r
Pkcs7 = NULL;\r
CertBio = NULL;\r
projects / mirror_edk2.git / blobdiff