X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=CryptoPkg%2FLibrary%2FBaseCryptLib%2FPem%2FCryptPem.c;h=319ad59eccfe761f420fd9e75060de1617169ec5;hp=e9de39a1058a1983856d97572a3679115583759f;hb=6b8ebcb8de52ae5cab543181712e53eeb94340a7;hpb=4a567c9690db97ecbf982e9428727f073bada504

diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
index e9de39a105..319ad59ecc 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
@@ -1,7 +1,7 @@
 /** @file
   PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation over OpenSSL.
 
-Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -36,14 +36,14 @@ PasswordCallback (
 {
   INTN  KeyLength;
 
-  ZeroMem ((VOID *)Buf, (UINTN)Size);
+  ZeroMem ((VOID *) Buf, (UINTN) Size);
   if (Key != NULL) {
     //
     // Duplicate key phrase directly.
     //
-    KeyLength = AsciiStrLen ((CHAR8 *)Key);
+    KeyLength = (INTN) AsciiStrLen ((CHAR8 *)Key);
     KeyLength = (KeyLength > Size ) ? Size : KeyLength;
-    CopyMem (Buf, Key, KeyLength);
+    CopyMem (Buf, Key, (UINTN) KeyLength);
     return KeyLength;
   } else {
     return 0;
@@ -60,8 +60,8 @@ PasswordCallback (
                            RSA private key component. Use RsaFree() function to free the
                            resource.
 
-  If PemData is NULL, then ASSERT().
-  If RsaContext is NULL, then ASSERT().
+  If PemData is NULL, then return FALSE.
+  If RsaContext is NULL, then return FALSE.
 
   @retval  TRUE   RSA Private Key was retrieved successfully.
   @retval  FALSE  Invalid PEM key data or incorrect password.
@@ -80,10 +80,11 @@ RsaGetPrivateKeyFromPem (
   BIO      *PemBio;
 
   //
-  // ASSERT if PemData is NULL or RsaContext is NULL.
+  // Check input parameters.
   //
-  ASSERT (PemData    != NULL);
-  ASSERT (RsaContext != NULL);
+  if (PemData == NULL || RsaContext == NULL || PemSize > INT_MAX) {
+    return FALSE;
+  }
 
   Status = FALSE;
   PemBio = NULL;
@@ -92,16 +93,16 @@ RsaGetPrivateKeyFromPem (
   // Add possible block-cipher descriptor for PEM data decryption.
   // NOTE: Only support most popular ciphers (3DES, AES) for the encrypted PEM.
   //
-  EVP_add_cipher (EVP_des_ede3_cbc());
-  EVP_add_cipher (EVP_aes_128_cbc());
-  EVP_add_cipher (EVP_aes_192_cbc());
-  EVP_add_cipher (EVP_aes_256_cbc());
+  EVP_add_cipher (EVP_des_ede3_cbc ());
+  EVP_add_cipher (EVP_aes_128_cbc ());
+  EVP_add_cipher (EVP_aes_192_cbc ());
+  EVP_add_cipher (EVP_aes_256_cbc ());
 
   //
   // Read encrypted PEM Data.
   //
   PemBio = BIO_new (BIO_s_mem ());
-  BIO_write (PemBio, PemData, (int)PemSize);
+  BIO_write (PemBio, PemData, (int) PemSize);
   if (PemBio == NULL) {
     goto _Exit;
   }
@@ -109,7 +110,7 @@ RsaGetPrivateKeyFromPem (
   //
   // Retrieve RSA Private Key from encrypted PEM data.
   //
-  *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *)&PasswordCallback, (void *)Password);
+  *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *) &PasswordCallback, (void *) Password);
   if (*RsaContext != NULL) {
     Status = TRUE;
   }