commit 416dc034670a539b170caa09dfbc066c15842c9a
author Glenn Strauss <gstrauss@gluelogic.com> Thu Jun 30 00:38:53 2022 -0400
committer David Horstmann <david.horstmann@arm.com> Fri Jun 09 17:01:03 2023 +0100
tree f1536947c568fbf89fb797d63179b6703cc3ad9d
parent e5e8ba654e585e88dd127ff18a25cc093fb672c2

mbedtls_x509_time_cmp() compare mbedtls_x509_time

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>

ChangeLog.d/mbedtls_x509_time.txt

diff --git a/ChangeLog.d/mbedtls_x509_time.txt b/ChangeLog.d/mbedtls_x509_time.txt
new file mode 100644
index 0000000..3eacc29
--- /dev/null
+++ b/ChangeLog.d/mbedtls_x509_time.txt
@@ -0,0 +1,2 @@
+Features
+   * Improve mbedtls_x509_time performance and reduce memory use.

include/mbedtls/x509.h

diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index df6d762..ac8ff9a 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -367,6 +367,18 @@
 int mbedtls_x509_serial_gets(char *buf, size_t size, const mbedtls_x509_buf *serial);
 
 /**
+ * \brief          Compare pair of mbedtls_x509_time.
+ *
+ * \param t1       mbedtls_x509_time to compare
+ * \param t2       mbedtls_x509_time to compare
+ *
+ * \return         < 0 if t1 is before t2
+ *                   0 if t1 equals t2
+ *                 > 0 if t1 is after t2
+ */
+int mbedtls_x509_time_cmp(const mbedtls_x509_time *t1, const mbedtls_x509_time *t2);
+
+/**
  * \brief          Check a given mbedtls_x509_time against the system time
  *                 and tell if it's in the past.
  *

library/x509.c

diff --git a/library/x509.c b/library/x509.c
index 6e16c4c..031a3f0 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -994,6 +994,32 @@
     return 0;
 }
 
+int mbedtls_x509_time_cmp(const mbedtls_x509_time *t1,
+                          const mbedtls_x509_time *t2)
+{
+    if (t1->year != t2->year) {
+        return t1->year - t2->year;
+    }
+
+    if (t1->mon  != t2->mon) {
+        return t1->mon  - t2->mon;
+    }
+
+    if (t1->day  != t2->day) {
+        return t1->day  - t2->day;
+    }
+
+    if (t1->hour != t2->hour) {
+        return t1->hour - t2->hour;
+    }
+
+    if (t1->min  != t2->min) {
+        return t1->min  - t2->min;
+    }
+
+    return t1->sec  - t2->sec;
+}
+
 #if defined(MBEDTLS_HAVE_TIME_DATE)
 /*
  * Set the time structure to the current time.
@@ -1022,53 +1048,6 @@
     return ret;
 }
 
-/*
- * Return 0 if before <= after, 1 otherwise
- */
-static int x509_check_time(const mbedtls_x509_time *before, const mbedtls_x509_time *after)
-{
-    if (before->year  > after->year) {
-        return 1;
-    }
-
-    if (before->year == after->year &&
-        before->mon   > after->mon) {
-        return 1;
-    }
-
-    if (before->year == after->year &&
-        before->mon  == after->mon  &&
-        before->day   > after->day) {
-        return 1;
-    }
-
-    if (before->year == after->year &&
-        before->mon  == after->mon  &&
-        before->day  == after->day  &&
-        before->hour  > after->hour) {
-        return 1;
-    }
-
-    if (before->year == after->year &&
-        before->mon  == after->mon  &&
-        before->day  == after->day  &&
-        before->hour == after->hour &&
-        before->min   > after->min) {
-        return 1;
-    }
-
-    if (before->year == after->year &&
-        before->mon  == after->mon  &&
-        before->day  == after->day  &&
-        before->hour == after->hour &&
-        before->min  == after->min  &&
-        before->sec   > after->sec) {
-        return 1;
-    }
-
-    return 0;
-}
-
 int mbedtls_x509_time_is_past(const mbedtls_x509_time *to)
 {
     mbedtls_x509_time now;
@@ -1077,7 +1056,7 @@
         return 1;
     }
 
-    return x509_check_time(&now, to);
+    return mbedtls_x509_time_cmp(to, &now) < 0;
 }
 
 int mbedtls_x509_time_is_future(const mbedtls_x509_time *from)
@@ -1088,7 +1067,7 @@
         return 1;
     }
 
-    return x509_check_time(from, &now);
+    return mbedtls_x509_time_cmp(from, &now) > 0;
 }
 
 #else  /* MBEDTLS_HAVE_TIME_DATE */