1. Fix build break issue for NOOPT target.

2. Fix potential system hang issue in X509_STORE_CTX_cleanup.
3. Fix potential overflow when convert UINTN to INT.
4. Update Pkcs7Sign() to output stripped PKCS#7 SignedData.
5. Update Pkcs7Verify() to support both wrapped/stripped PKCS#7 SignedData.

Signed-off-by: tye
Reviewed-by: xdu2



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12593 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
tye1
2011-10-28 07:41:26 +00:00
parent 91c7aa5389
commit da9e7418da
5 changed files with 126 additions and 13 deletions

View File

@@ -48,6 +48,10 @@ X509ConstructCertificate (
ASSERT (Cert != NULL);
ASSERT (SingleX509Cert != NULL);
if (CertSize > INT_MAX) {
return FALSE;
}
Status = FALSE;
//
@@ -439,6 +443,7 @@ X509VerifyCert (
// X509 Certificate Verification.
//
Status = (BOOLEAN) X509_verify_cert (&CertCtx);
X509_STORE_CTX_cleanup (&CertCtx);
_Exit:
//
@@ -447,7 +452,6 @@ _Exit:
X509_free (X509Cert);
X509_free (X509CACert);
X509_STORE_free (CertStore);
X509_STORE_CTX_cleanup (&CertCtx);
return Status;
}