Skip to content

Commit

Permalink
CryptoPkg: Fix TlsSetCaCertificate
Browse files Browse the repository at this point in the history 
The before TlsSetCaCertificate use local variable is wrong.

Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
  • Loading branch information
@Wenxing-hou
Wenxing-hou committed Jan 5, 2024
1 parent 335e655 commit eb29e61
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions CryptoPkg/Library/TlsLibMbedtls/TlsConfig.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -623,7 +623,7 @@ TlsSetCaCertificate (
)
{
TLS_CONNECTION *TlsConn;
mbedtls_x509_crt Crt;
mbedtls_x509_crt *Crt;
INT32 Ret;

TlsConn = (TLS_CONNECTION *)Tls;
Expand All @@ -636,13 +636,14 @@ TlsSetCaCertificate (
return EFI_INVALID_PARAMETER;
}

mbedtls_x509_crt_init(&Crt);
Crt = AllocateZeroPool(sizeof(mbedtls_x509_crt));
mbedtls_x509_crt_init(Crt);

Ret = mbedtls_x509_crt_parse_der(&Crt, Data, DataSize);
Ret = mbedtls_x509_crt_parse_der(Crt, Data, DataSize);

if (Ret == 0) {
mbedtls_ssl_conf_ca_chain((mbedtls_ssl_config *)TlsConn->Ssl->conf, &Crt, NULL);
mbedtls_x509_crt_free(&Crt);
mbedtls_ssl_conf_ca_chain((mbedtls_ssl_config *)TlsConn->Ssl->conf, Crt, NULL);
mbedtls_ssl_conf_cert_profile((mbedtls_ssl_config *)TlsConn->Ssl->conf, &mbedtls_x509_crt_profile_default);
}

return (Ret == 0) ? EFI_SUCCESS : EFI_ABORTED;
Expand Down

0 comments on commit eb29e61

Please sign in to comment.