commit b3def1d341129db4ab4d19df44fcf05ece13df76
author Hanno Becker <hanno.becker@arm.com> Fri Feb 22 11:46:06 2019 +0000
committer Hanno Becker <hanno.becker@arm.com> Tue Jun 25 09:06:26 2019 +0100
tree 4d4f3b6a748c0baf74413c114f8258729f52b459
parent f1b39bf18c33d594cbe0647fb162a3f94b9f5481

Move length check into mbedtls_x509_memcasecmp()

At every occasion where we're using `mbedtls_x509_memcasecmp()` we're
checking that the two buffer lengths coincide before making the call.

This commit saves a few bytes of code by moving this length check
to `mbedtls_x509_memcasecmp()`.

include/mbedtls/x509.h

diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index c7b8cc4..c02c7c8 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -318,7 +318,8 @@
                                              mbedtls_x509_buf *oid,
                                              mbedtls_x509_buf *val ),
                                void *check_ctx );
-int mbedtls_x509_memcasecmp( const void *s1, const void *s2, size_t len );
+int mbedtls_x509_memcasecmp( const void *s1, const void *s2,
+                             size_t len1, size_t lend2 );
 int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
                   mbedtls_x509_buf *ext, int tag );
 

library/x509.c

diff --git a/library/x509.c b/library/x509.c
index b49ecf3..f2b6c7b 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -487,13 +487,17 @@
 /*
  * Like memcmp, but case-insensitive and always returns -1 if different
  */
-int mbedtls_x509_memcasecmp( const void *s1, const void *s2, size_t len )
+int mbedtls_x509_memcasecmp( const void *s1, const void *s2,
+                             size_t len1, size_t len2 )
 {
     size_t i;
     unsigned char diff;
     const unsigned char *n1 = s1, *n2 = s2;
 
-    for( i = 0; i < len; i++ )
+    if( len1 != len2 )
+        return( -1 );
+
+    for( i = 0; i < len1; i++ )
     {
         diff = n1[i] ^ n2[i];
 
@@ -531,8 +535,8 @@
 
     if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
         ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
-        a->len == b->len &&
-        mbedtls_x509_memcasecmp( a->p, b->p, b->len ) == 0 )
+        mbedtls_x509_memcasecmp( a->p, b->p,
+                                 a->len, b->len ) == 0 )
     {
         return( 0 );
     }

library/x509_crt.c

diff --git a/library/x509_crt.c b/library/x509_crt.c
index c9bc163..5959c0a 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -254,8 +254,8 @@
     if( cn_idx == 0 )
         return( -1 );
 
-    if( cn_len - cn_idx == buf_len - 1 &&
-        mbedtls_x509_memcasecmp( buf + 1, cn + cn_idx, buf_len - 1 ) == 0 )
+    if( mbedtls_x509_memcasecmp( buf + 1, cn + cn_idx,
+                                 buf_len - 1, cn_len - cn_idx ) == 0 )
     {
         return( 0 );
     }
@@ -2387,11 +2387,8 @@
                               size_t cn_len )
 {
     /* Try exact match */
-    if( buflen == cn_len &&
-        mbedtls_x509_memcasecmp( cn, buf, cn_len ) == 0 )
-    {
+    if( mbedtls_x509_memcasecmp( cn, buf, buflen, cn_len ) == 0 )
         return( 0 );
-    }
 
     /* try wildcard match */
     if( x509_check_wildcard( cn, cn_len, buf, buflen ) == 0 )