From 335e6558b00ccadfdc0412ef70a2cca4fc1c0b57 Mon Sep 17 00:00:00 2001
From: Wenxing Hou <wenxing.hou@intel.com>
Date: Wed, 3 Jan 2024 16:45:33 +0800
Subject: [PATCH] CryptoPkg: Fix TlsSetEcCurve

Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
---
 CryptoPkg/Library/TlsLibMbedtls/TlsConfig.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/CryptoPkg/Library/TlsLibMbedtls/TlsConfig.c b/CryptoPkg/Library/TlsLibMbedtls/TlsConfig.c
index 34a6231dcfd..95e0cae1f98 100644
--- a/CryptoPkg/Library/TlsLibMbedtls/TlsConfig.c
+++ b/CryptoPkg/Library/TlsLibMbedtls/TlsConfig.c
@@ -926,7 +926,9 @@ TlsSetEcCurve (
   )
 {
   TLS_CONNECTION  *TlsConn;
-  mbedtls_ecp_group_id grp_id;
+  UINT16  *GroupList;
+
+  GroupList = AllocateZeroPool(sizeof(UINT16) * 2);
 
   TlsConn = (TLS_CONNECTION *)Tls;
 
@@ -938,22 +940,24 @@ TlsSetEcCurve (
     case TlsEcNamedCurveSecp256r1:
       return EFI_UNSUPPORTED;
     case TlsEcNamedCurveSecp384r1:
-      grp_id = MBEDTLS_ECP_DP_SECP384R1;
+      GroupList[0] = MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1;
       break;
     case TlsEcNamedCurveSecp521r1:
-      grp_id = MBEDTLS_ECP_DP_SECP521R1;
+      GroupList[0] = MBEDTLS_SSL_IANA_TLS_GROUP_SECP521R1;
       break;
     case TlsEcNamedCurveX25519:
-      grp_id = MBEDTLS_ECP_DP_CURVE25519;
+      GroupList[0] = MBEDTLS_SSL_IANA_TLS_GROUP_X25519;
       break;
     case TlsEcNamedCurveX448:
-      grp_id = MBEDTLS_ECP_DP_CURVE448;
+      GroupList[0] = MBEDTLS_SSL_IANA_TLS_GROUP_X448;
       break;
     default:
       return EFI_UNSUPPORTED;
   }
 
-  mbedtls_ssl_conf_curves((mbedtls_ssl_config *)TlsConn->Ssl->conf, &grp_id);
+  GroupList[1] =  MBEDTLS_SSL_IANA_TLS_GROUP_NONE;
+
+  mbedtls_ssl_conf_groups((mbedtls_ssl_config *)TlsConn->Ssl->conf, GroupList);
 
   return EFI_SUCCESS;
 }