diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c index ed53b2dcbf..0b37adc33e 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c +++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c @@ -84,10 +84,7 @@ RsaGetPrivateKeyFromPem ( // ASSERT (PemData != NULL); ASSERT (RsaContext != NULL); - - if (PemSize > INT_MAX) { - return FALSE; - } + ASSERT (PemSize <= INT_MAX); Status = FALSE; PemBio = NULL; diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c index 0370fd77a5..0321b20349 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c @@ -60,14 +60,11 @@ AuthenticodeVerify ( UINTN ContentSize; // - // ASSERT if Authenticode Signature Data or PE Image Hash is NULL + // ASSERT if Authenticode Signature Data or PE Image Hash is NULL. // ASSERT (AuthData != NULL); ASSERT (ImageHash != NULL); - - if (DataSize > INT_MAX) { - return FALSE; - } + ASSERT (DataSize <= INT_MAX); Status = FALSE; Pkcs7 = NULL; diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c index c00d3bb033..47bab1004b 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c @@ -150,17 +150,13 @@ Pkcs7Sign ( // // Check input parameters. // - if ((PrivateKey == NULL) || (KeyPassword == NULL) || (InData == NULL)) { - return FALSE; - } - - if ((SignCert == NULL) || (SignedData == NULL) || (SignedDataSize == NULL)) { - return FALSE; - } - - if (InDataSize > INT_MAX) { - return FALSE; - } + ASSERT (PrivateKey != NULL); + ASSERT (KeyPassword != NULL); + ASSERT (InData != NULL); + ASSERT (SignCert != NULL); + ASSERT (SignedData != NULL); + ASSERT (SignedDataSize != NULL); + ASSERT (InDataSize <= INT_MAX); RsaContext = NULL; Key = NULL; @@ -311,13 +307,14 @@ Pkcs7Verify ( BOOLEAN Wrapped; // - // ASSERT if P7Data is NULL or P7Length is not larger than 19 bytes. + // ASSERT if any input parameter is invalid. // - ASSERT ((P7Data != NULL) || (P7Length <= 19)); - - if ((CertLength > INT_MAX) || (DataLength > INT_MAX)) { - return FALSE; - } + ASSERT (P7Data != NULL); + ASSERT (TrustedCert != NULL); + ASSERT (InData != NULL); + ASSERT (P7Length <= INT_MAX); + ASSERT (CertLength <= INT_MAX); + ASSERT (DataLength <= INT_MAX); Status = FALSE; Pkcs7 = NULL; diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 88c21369b6..3a5485e002 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -45,12 +45,9 @@ X509ConstructCertificate ( // // ASSERT if Cert is NULL or SingleX509Cert is NULL. // - ASSERT (Cert != NULL); + ASSERT (Cert != NULL); ASSERT (SingleX509Cert != NULL); - - if (CertSize > INT_MAX) { - return FALSE; - } + ASSERT (CertSize <= INT_MAX); Status = FALSE;