yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-26 20:51:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove redundant variable

Browse source 
path_cnt was always chain_len - 1 in the loop body
This commit is contained in:
Manuel Pégourié-Gonnard 2017-08-09 10:28:07 +02:00
parent 7ff243a87c
commit 24611f9383
1 changed files with 9 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
library/x509_crt.c
View file

@ -2093,7 +2093,6 @@ static int x509_crt_verify_chain(
mbedtls_x509_crt *parent; mbedtls_x509_crt *parent;
int parent_is_trusted = 0; int parent_is_trusted = 0;
int child_is_trusted = 0; int child_is_trusted = 0;
int path_cnt = 0; /* like chain_len but not updated at the same time */
int self_cnt = 0; int self_cnt = 0;
child = crt; child = crt;
@ -2101,8 +2100,8 @@ static int x509_crt_verify_chain(
while( 1 ) { while( 1 ) {
/* Add certificate to the verification chain */ /* Add certificate to the verification chain */
ver_chain[path_cnt].crt = child; ver_chain[*chain_len].crt = child;
flags = &ver_chain[path_cnt].flags; flags = &ver_chain[*chain_len].flags;
++*chain_len; ++*chain_len;
/* Check time-validity (all certificates) */ /* Check time-validity (all certificates) */
@ -2124,7 +2123,7 @@ static int x509_crt_verify_chain(
*flags |= MBEDTLS_X509_BADCERT_BAD_PK; *flags |= MBEDTLS_X509_BADCERT_BAD_PK;
/* Special case: EE certs that are locally trusted */ /* Special case: EE certs that are locally trusted */
if( path_cnt == 0 && if( *chain_len == 1 &&
x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 ) x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 )
{ {
return( 0 ); return( 0 );
@ -2132,7 +2131,7 @@ static int x509_crt_verify_chain(
/* Look for a parent in trusted CAs or up the chain */ /* Look for a parent in trusted CAs or up the chain */
parent = x509_crt_find_parent( child, trust_ca, &parent_is_trusted, parent = x509_crt_find_parent( child, trust_ca, &parent_is_trusted,
path_cnt, self_cnt ); *chain_len - 1, self_cnt );
/* No parent? We're done here */ /* No parent? We're done here */
if( parent == NULL ) if( parent == NULL )
@ -2144,13 +2143,16 @@ static int x509_crt_verify_chain(
/* Count intermediate self-issued (not necessarily self-signed) certs. /* Count intermediate self-issued (not necessarily self-signed) certs.
* These can occur with some strategies for key rollover, see [SIRO], * These can occur with some strategies for key rollover, see [SIRO],
* and should be excluded from max_pathlen checks. */ * and should be excluded from max_pathlen checks. */
if( ( path_cnt != 0 ) && x509_name_cmp( &child->issuer, &child->subject ) == 0 ) if( *chain_len != 1 &&
x509_name_cmp( &child->issuer, &child->subject ) == 0 )
{
self_cnt++; self_cnt++;
}
/* path_cnt is 0 for the first intermediate CA, /* path_cnt is 0 for the first intermediate CA,
* and if parent is trusted it's not an intermediate CA */ * and if parent is trusted it's not an intermediate CA */
if( ! parent_is_trusted && if( ! parent_is_trusted &&
1 + path_cnt > MBEDTLS_X509_MAX_INTERMEDIATE_CA ) *chain_len > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
{ {
/* return immediately to avoid overflow the chain array */ /* return immediately to avoid overflow the chain array */
return( MBEDTLS_ERR_X509_FATAL_ERROR ); return( MBEDTLS_ERR_X509_FATAL_ERROR );
@ -2175,7 +2177,6 @@ static int x509_crt_verify_chain(
child = parent; child = parent;
parent = NULL; parent = NULL;
child_is_trusted = parent_is_trusted; child_is_trusted = parent_is_trusted;
++path_cnt;
} }
} }