From b3def1d341129db4ab4d19df44fcf05ece13df76 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 22 Feb 2019 11:46:06 +0000
Subject: [PATCH] Move length check into mbedtls_x509_memcasecmp()

At every occasion where we're using `mbedtls_x509_memcasecmp()` we're
checking that the two buffer lengths coincide before making the call.

This commit saves a few bytes of code by moving this length check
to `mbedtls_x509_memcasecmp()`.
---
 include/mbedtls/x509.h |  3 ++-
 library/x509.c         | 12 ++++++++----
 library/x509_crt.c     |  9 +++------
 3 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index c7b8cc4c5..c02c7c8ba 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -318,7 +318,8 @@ int mbedtls_x509_name_cmp_raw( mbedtls_x509_buf_raw const *a,
                                              mbedtls_x509_buf *oid,
                                              mbedtls_x509_buf *val ),
                                void *check_ctx );
-int mbedtls_x509_memcasecmp( const void *s1, const void *s2, size_t len );
+int mbedtls_x509_memcasecmp( const void *s1, const void *s2,
+                             size_t len1, size_t lend2 );
 int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
                   mbedtls_x509_buf *ext, int tag );
 
diff --git a/library/x509.c b/library/x509.c
index b49ecf3a7..f2b6c7b7e 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -487,13 +487,17 @@ int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
 /*
  * Like memcmp, but case-insensitive and always returns -1 if different
  */
-int mbedtls_x509_memcasecmp( const void *s1, const void *s2, size_t len )
+int mbedtls_x509_memcasecmp( const void *s1, const void *s2,
+                             size_t len1, size_t len2 )
 {
     size_t i;
     unsigned char diff;
     const unsigned char *n1 = s1, *n2 = s2;
 
-    for( i = 0; i < len; i++ )
+    if( len1 != len2 )
+        return( -1 );
+
+    for( i = 0; i < len1; i++ )
     {
         diff = n1[i] ^ n2[i];
 
@@ -531,8 +535,8 @@ static int x509_string_cmp( const mbedtls_x509_buf *a,
 
     if( ( a->tag == MBEDTLS_ASN1_UTF8_STRING || a->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
         ( b->tag == MBEDTLS_ASN1_UTF8_STRING || b->tag == MBEDTLS_ASN1_PRINTABLE_STRING ) &&
-        a->len == b->len &&
-        mbedtls_x509_memcasecmp( a->p, b->p, b->len ) == 0 )
+        mbedtls_x509_memcasecmp( a->p, b->p,
+                                 a->len, b->len ) == 0 )
     {
         return( 0 );
     }
diff --git a/library/x509_crt.c b/library/x509_crt.c
index c9bc16321..5959c0afa 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -254,8 +254,8 @@ static int x509_check_wildcard( char const *cn,
     if( cn_idx == 0 )
         return( -1 );
 
-    if( cn_len - cn_idx == buf_len - 1 &&
-        mbedtls_x509_memcasecmp( buf + 1, cn + cn_idx, buf_len - 1 ) == 0 )
+    if( mbedtls_x509_memcasecmp( buf + 1, cn + cn_idx,
+                                 buf_len - 1, cn_len - cn_idx ) == 0 )
     {
         return( 0 );
     }
@@ -2387,11 +2387,8 @@ static int x509_crt_check_cn( unsigned char const *buf,
                               size_t cn_len )
 {
     /* Try exact match */
-    if( buflen == cn_len &&
-        mbedtls_x509_memcasecmp( cn, buf, cn_len ) == 0 )
-    {
+    if( mbedtls_x509_memcasecmp( cn, buf, buflen, cn_len ) == 0 )
         return( 0 );
-    }
 
     /* try wildcard match */
     if( x509_check_wildcard( cn, cn_len, buf, buflen ) == 0 )