From dc204d5a0fd64d1ccbc90ebea827e7ad73b71f4d Mon Sep 17 00:00:00 2001
From: jyao1
Date: Tue, 12 Jun 2012 08:28:43 +0000
Subject: Add comment for modules which have external input. signed-off-by: jiewen.yao@intel.com reviewed-by: guo.dong@intel.com reviewed-by: ting.ye@intel.com reviewed-by: liming.gao@intel.com reviewed-by: elvin.li@intel.com
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524
---
 CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 5 +++++
 CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 7 ++++++-
 .../Library/BaseCryptLib/Pk/CryptAuthenticode.c | 12 ++++++++++++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c | 21 +++++++++++++++++++++
 CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 5 +++++
 CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 5 +++++
 6 files changed, 54 insertions(+), 1 deletion(-) (limited to 'CryptoPkg')
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 84faecd873..3b4e696328 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -1,6 +1,11 @@
 ## @file
 # Cryptographic Library Instance for DXE_DRIVER.
 #
+# Caution: This module requires additional review when modified.
+# This library will have external input - signature.
+# This external input must be validated carefully to avoid security issue like
+# buffer overflow, integer overflow.
+#
 # Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index e2c9f03b9a..e60c17ece0 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -1,7 +1,12 @@
 ## @file
 # Cryptographic Library Instance for PEIM.
 #
-# Copyright (c) 2010, Intel Corporation. All rights reserved.
+# Caution: This module requires additional review when modified.
+# This library will have external input - signature.
+# This external input must be validated carefully to avoid security issue like
+# buffer overflow, integer overflow.
+#
+# Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c index a1f8c58e74..a4f62b22b5 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c @@ -1,6 +1,14 @@ /** @file Authenticode Portable Executable Signature Verification over OpenSSL. + Caution: This module requires additional review when modified. + This library will have external input - signature (e.g. PE/COFF Authenticode). + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check for + data structure. + Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -26,6 +34,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. If AuthData is NULL, then return FALSE. If ImageHash is NULL, then return FALSE. + Caution: This function may receive untrusted input. + PE/COFF Authenticode is external input, so this function will do basic check for + Authenticode data structure. + @param[in] AuthData Pointer to the Authenticode Signature retrieved from signed PE/COFF image to be verified. @param[in] DataSize Size of the Authenticode Signature in bytes. diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c index 036412af59..ec6aa005ac 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c @@ -1,6 +1,15 @@ /** @file PKCS#7 SignedData Verification Wrapper Implementation over OpenSSL. + Caution: This module requires additional review when modified. + This library will have external input - signature (e.g. UEFI Authenticated + Variable). It may by input in SMM mode. + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + WrapPkcs7Data(), Pkcs7GetSigners(), Pkcs7Verify() will get UEFI Authenticated + Variable and will do basic check for data structure. + Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
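Review bot: The caution added to the AuthenticodeVerify() header says the function "will do basic check for Authenticode data structure" but does not say which checks those are or what the caller must still guarantee, so a later reviewer cannot tell from the comment whether a given bound is enforced here or assumed. Consider stating the contract explicitly, for example `DataSize must be the exact size of the AuthData buffer; a structure that fails validation makes the function return FALSE.`, adjusted to what the body really enforces, which lies outside this hunk. The same sentence is repeated on WrapPkcs7Data(), Pkcs7GetSigners() and Pkcs7Verify() in CryptPkcs7.c and would benefit from the same treatment.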
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -281,6 +290,10 @@ _Exit: Check input P7Data is a wrapped ContentInfo structure or not. If not construct a new structure to wrap P7Data. + Caution: This function may receive untrusted input. + UEFI Authenticated Variable is external input, so this function will do basic + check for PKCS#7 data structure. + @param[in] P7Data Pointer to the PKCS#7 message to verify. @param[in] P7Length Length of the PKCS#7 message in bytes. @param[out] WrapFlag If TRUE P7Data is a ContentInfo structure, otherwise @@ -389,6 +402,10 @@ WrapPkcs7Data ( If P7Data, CertStack, StackLength, TrustedCert or CertLength is NULL, then return FALSE. If P7Length overflow, then return FAlSE. + Caution: This function may receive untrusted input. + UEFI Authenticated Variable is external input, so this function will do basic + check for PKCS#7 data structure. + @param[in] P7Data Pointer to the PKCS#7 message to verify. @param[in] P7Length Length of the PKCS#7 message in bytes. @param[out] CertStack Pointer to Signer's certificates retrieved from P7Data. @@ -589,6 +606,10 @@ Pkcs7FreeSigners ( If P7Data, TrustedCert or InData is NULL, then return FALSE. If P7Length, CertLength or DataLength overflow, then return FAlSE. + Caution: This function may receive untrusted input. + UEFI Authenticated Variable is external input, so this function will do basic + check for PKCS#7 data structure. + @param[in] P7Data Pointer to the PKCS#7 message to verify. @param[in] P7Length Length of the PKCS#7 message in bytes. @param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf index 87f3b93fb9..f864efcd56 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf 
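Review bot: In the new file header of CryptPkcs7.c, `It may by input in SMM mode.` contains a typo and should read `It may be input in SMM mode.`. This is the line that tells a reviewer the parser can run on untrusted data inside SMM, so it is worth making unambiguous. The header's first sentence names the UEFI Authenticated Variable only as an example ("e.g."), while the following paragraph and the three function-level cautions present it as the input source; if other callers pass signatures from elsewhere (not visible in this patch), those comments should keep the "e.g." so the stated threat model is not narrower than the real one.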
@@ -1,6 +1,11 @@
 ## @file
 # Cryptographic Library Instance for DXE_RUNTIME_DRIVER
 #
+# Caution: This module requires additional review when modified.
+# This library will have external input - signature.
+# This external input must be validated carefully to avoid security issue like
+# buffer overflow, integer overflow.
+#
 # Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index f7bccc4379..ac3494a20c 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -10,6 +10,11 @@
 # 5) DhGenerateParameter
 # 6) DhGenerateKey
 #
+# Caution: This module requires additional review when modified.
+# This library will have external input - signature.
+# This external input must be validated carefully to avoid security issue like
+# buffer overflow, integer overflow.
+#
 # Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
-- cgit v1.2.3