1. Enable the whole X509v3 extension checking.
2. Replace d2i_X509_bio with d2i_X509. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ling Qin <qin.long@intel.com> Reviewed-by: Ouyang Qian <qian.ouyang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14026 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -38,9 +38,7 @@ X509ConstructCertificate (
|
||||
OUT UINT8 **SingleX509Cert
|
||||
)
|
||||
{
|
||||
BIO *CertBio;
|
||||
X509 *X509Cert;
|
||||
BOOLEAN Status;
|
||||
|
||||
//
|
||||
// Check input parameters.
|
||||
@@ -49,31 +47,17 @@ X509ConstructCertificate (
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
Status = FALSE;
|
||||
|
||||
//
|
||||
// Read DER-encoded X509 Certificate and Construct X509 object.
|
||||
//
|
||||
CertBio = BIO_new (BIO_s_mem ());
|
||||
BIO_write (CertBio, Cert, (int) CertSize);
|
||||
if (CertBio == NULL) {
|
||||
goto _Exit;
|
||||
}
|
||||
X509Cert = d2i_X509_bio (CertBio, NULL);
|
||||
X509Cert = d2i_X509 (NULL, &Cert, (long) CertSize);
|
||||
if (X509Cert == NULL) {
|
||||
goto _Exit;
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
*SingleX509Cert = (UINT8 *) X509Cert;
|
||||
Status = TRUE;
|
||||
|
||||
_Exit:
|
||||
//
|
||||
// Release Resources.
|
||||
//
|
||||
BIO_free (CertBio);
|
||||
|
||||
return Status;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
|
Reference in New Issue
Block a user