1. Enable the whole X509v3 extension checking.

2. Replace d2i_X509_bio with d2i_X509.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ling Qin <qin.long@intel.com>
Reviewed-by: Ouyang Qian <qian.ouyang@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14026 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
sfu5
2012-12-28 01:20:57 +00:00
parent bf29dc16e6
commit 02ee8d3b4c
3 changed files with 14 additions and 43 deletions

View File

@@ -38,9 +38,7 @@ X509ConstructCertificate (
OUT UINT8 **SingleX509Cert
)
{
BIO *CertBio;
X509 *X509Cert;
BOOLEAN Status;
//
// Check input parameters.
@@ -49,31 +47,17 @@ X509ConstructCertificate (
return FALSE;
}
Status = FALSE;
//
// Read DER-encoded X509 Certificate and Construct X509 object.
//
CertBio = BIO_new (BIO_s_mem ());
BIO_write (CertBio, Cert, (int) CertSize);
if (CertBio == NULL) {
goto _Exit;
}
X509Cert = d2i_X509_bio (CertBio, NULL);
X509Cert = d2i_X509 (NULL, &Cert, (long) CertSize);
if (X509Cert == NULL) {
goto _Exit;
return FALSE;
}
*SingleX509Cert = (UINT8 *) X509Cert;
Status = TRUE;
_Exit:
//
// Release Resources.
//
BIO_free (CertBio);
return Status;
return TRUE;
}
/**