BOOLEAN Status;\r
X509 *X509Cert;\r
X509_NAME *X509Name;\r
+ UINTN X509NameSize;\r
\r
//\r
// Check input parameters.\r
goto _Exit;\r
}\r
\r
- if (*SubjectSize < (UINTN) X509Name->bytes->length) {\r
- *SubjectSize = (UINTN) X509Name->bytes->length;\r
+ X509NameSize = i2d_X509_NAME(X509Name, NULL);\r
+ if (*SubjectSize < X509NameSize) {\r
+ *SubjectSize = X509NameSize;\r
goto _Exit;\r
}\r
- *SubjectSize = (UINTN) X509Name->bytes->length;\r
+ *SubjectSize = X509NameSize;\r
if (CertSubject != NULL) {\r
- CopyMem (CertSubject, (UINT8 *) X509Name->bytes->data, *SubjectSize);\r
+ i2d_X509_NAME(X509Name, &CertSubject);\r
Status = TRUE;\r
}\r
\r
goto _Exit;\r
}\r
\r
+ //\r
+ // Allow partial certificate chains, terminated by a non-self-signed but\r
+ // still trusted intermediate certificate. Also disable time checks.\r
+ //\r
+ X509_STORE_set_flags (CertStore,\r
+ X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME);\r
+\r
//\r
// Set up X509_STORE_CTX for the subsequent verification operation.\r
//\r