As PEM-encoded certificate is also necessary, add support for PEM-encoded certificate in X509ConstructCertificate.
Cc: Jiewen Yao <[email protected]> Cc: Jian J Wang <[email protected]> Cc: Xiaoyu Lu <[email protected]> Cc: Guomin Jiang <[email protected]> Signed-off-by: Jiaxia Xu <[email protected]> Signed-off-by: Wenyi Xie <[email protected]> --- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 33 ++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index b1393a89c5ab..db122cd574fa 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -9,6 +9,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "InternalCryptLib.h" #include <openssl/x509.h> #include <openssl/rsa.h> +#include <openssl/pem.h> /** Construct a X509 object from DER-encoded certificate data. @@ -33,7 +34,12 @@ X509ConstructCertificate ( ) { X509 *X509Cert; + BIO *BioCert; CONST UINT8 *Temp; + BOOLEAN CertFlag; + + BioCert = NULL; + CertFlag = TRUE; // // Check input parameters. @@ -48,12 +54,35 @@ X509ConstructCertificate ( Temp = Cert; X509Cert = d2i_X509 (NULL, &Temp, (long) CertSize); if (X509Cert == NULL) { - return FALSE; + BioCert = BIO_new (BIO_s_mem ()); + if (BioCert == NULL) { + CertFlag = FALSE; + goto ON_EXIT; + } + + if (BIO_write (BioCert, Temp, (UINT32) CertSize) <= 0) { + CertFlag = FALSE; + goto ON_EXIT; + } + + // + // Read PEM-encoded X509 Certificate and Construct X509 object. + // + X509Cert = PEM_read_bio_X509 (BioCert, NULL, NULL, NULL); + if (X509Cert == NULL) { + CertFlag = FALSE; + goto ON_EXIT; + } } *SingleX509Cert = (UINT8 *) X509Cert; - return TRUE; +ON_EXIT: + if (BioCert != NULL) { + BIO_free (BioCert); + } + + return CertFlag; } /** -- 2.20.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#83510): https://edk2.groups.io/g/devel/message/83510 Mute This Topic: https://groups.io/mt/86930148/21656 Group Owner: [email protected] Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
