From 71606314f80500ff0849f66553fad0da11bf4beb Mon Sep 17 00:00:00 2001
From: Wenxing Hou <wenxing.hou@intel.com>
Date: Tue, 4 Jun 2024 14:52:18 +0800
Subject: [PATCH] CryptoPkg: Fix wrong logic in X509GetTBSCert

REF:
https://bugzilla.tianocore.org/show_bug.cgi?id=4509

Both return 0x80 value and
Asn1Tag != V_ASN1_SEQUENCE are wrong return.

Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 7ebec9dbad..021cc328f8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -839,7 +839,7 @@ X509GetTBSCert (
   Length = 0;
   Inf    = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);
 
-  if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+  if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {
     return FALSE;
   }
 
@@ -849,7 +849,7 @@ X509GetTBSCert (
   //
   // Verify the parsed TBSCertificate is one correct SEQUENCE data.
   //
-  if (((Inf & 0x80) == 0x80) && (Asn1Tag != V_ASN1_SEQUENCE)) {
+  if (((Inf & 0x80) == 0x80) || (Asn1Tag != V_ASN1_SEQUENCE)) {
     return FALSE;
   }