From 1300e99eb1ea94bcfec8c1f98c83a62fc85469a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Tue, 4 Jul 2017 01:13:44 +0200
Subject: [PATCH] Extract name checking to separate function

Just copy-paste and unindent
---
 library/x509_crt.c | 117 ++++++++++++++++++++++++---------------------
 1 file changed, 63 insertions(+), 54 deletions(-)

diff --git a/library/x509_crt.c b/library/x509_crt.c
index d42384f7c..0285af743 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2153,6 +2153,67 @@ callback:
     return( 0 );
 }
 
+/*
+ * Verify the requested CN - only call this if cn is not NULL!
+ */
+static void x509_crt_verify_name( mbedtls_x509_crt *crt,
+                                  const char *cn,
+                                  uint32_t *flags )
+{
+    mbedtls_x509_name *name;
+    mbedtls_x509_sequence *cur = NULL;
+    size_t cn_len;
+
+    name = &crt->subject;
+    cn_len = strlen( cn );
+
+    if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
+    {
+        cur = &crt->subject_alt_names;
+
+        while( cur != NULL )
+        {
+            if( cur->buf.len == cn_len &&
+                x509_memcasecmp( cn, cur->buf.p, cn_len ) == 0 )
+                break;
+
+            if( cur->buf.len > 2 &&
+                memcmp( cur->buf.p, "*.", 2 ) == 0 &&
+                x509_check_wildcard( cn, &cur->buf ) == 0 )
+            {
+                break;
+            }
+
+            cur = cur->next;
+        }
+
+        if( cur == NULL )
+            *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
+    }
+    else
+    {
+        while( name != NULL )
+        {
+            if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 )
+            {
+                if( name->val.len == cn_len &&
+                    x509_memcasecmp( name->val.p, cn, cn_len ) == 0 )
+                    break;
+
+                if( name->val.len > 2 &&
+                    memcmp( name->val.p, "*.", 2 ) == 0 &&
+                    x509_check_wildcard( cn, &name->val ) == 0 )
+                    break;
+            }
+
+            name = name->next;
+        }
+
+        if( name == NULL )
+            *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
+    }
+}
+
 /*
  * Verify the certificate validity
  */
@@ -2167,7 +2228,6 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
                 &mbedtls_x509_crt_profile_default, cn, flags, f_vrfy, p_vrfy ) );
 }
 
-
 /*
  * Verify the certificate validity, with profile
  *
@@ -2184,10 +2244,7 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
                      int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
                      void *p_vrfy )
 {
-    size_t cn_len;
     int ret;
-    mbedtls_x509_name *name;
-    mbedtls_x509_sequence *cur = NULL;
     mbedtls_pk_type_t pk_type;
 
     *flags = 0;
@@ -2198,57 +2255,9 @@ int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
         goto exit;
     }
 
+    /* check name if requested */
     if( cn != NULL )
-    {
-        name = &crt->subject;
-        cn_len = strlen( cn );
-
-        if( crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME )
-        {
-            cur = &crt->subject_alt_names;
-
-            while( cur != NULL )
-            {
-                if( cur->buf.len == cn_len &&
-                    x509_memcasecmp( cn, cur->buf.p, cn_len ) == 0 )
-                    break;
-
-                if( cur->buf.len > 2 &&
-                    memcmp( cur->buf.p, "*.", 2 ) == 0 &&
-                    x509_check_wildcard( cn, &cur->buf ) == 0 )
-                {
-                    break;
-                }
-
-                cur = cur->next;
-            }
-
-            if( cur == NULL )
-                *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
-        }
-        else
-        {
-            while( name != NULL )
-            {
-                if( MBEDTLS_OID_CMP( MBEDTLS_OID_AT_CN, &name->oid ) == 0 )
-                {
-                    if( name->val.len == cn_len &&
-                        x509_memcasecmp( name->val.p, cn, cn_len ) == 0 )
-                        break;
-
-                    if( name->val.len > 2 &&
-                        memcmp( name->val.p, "*.", 2 ) == 0 &&
-                        x509_check_wildcard( cn, &name->val ) == 0 )
-                        break;
-                }
-
-                name = name->next;
-            }
-
-            if( name == NULL )
-                *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
-        }
-    }
+        x509_crt_verify_name( crt, cn, flags );
 
     /* Check the type and size of the key */
     pk_type = mbedtls_pk_get_type( &crt->pk );