diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-03-07 10:23:21 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-03 19:40:26 +0200 |
| commit | 96febfef5a80a4e128683663e3cdc4a50f8db78c (patch) | |
| tree | b833895bfd05b3369ff93393961d97ed27737d64 /lib/x509/verify.c | |
| parent | e5db8e4f2a7874ebd047e0744a41157f2ad50866 (diff) | |
| download | gnutls-96febfef5a80a4e128683663e3cdc4a50f8db78c.tar.gz | |
Optimized the check_if_same().
Diffstat (limited to 'lib/x509/verify.c')
| -rw-r--r-- | lib/x509/verify.c | 29 |
1 files changed, 26 insertions, 3 deletions
diff --git a/lib/x509/verify.c b/lib/x509/verify.c index 8ef697b16d..4eaa6a2932 100644 --- a/lib/x509/verify.c +++ b/lib/x509/verify.c @@ -53,15 +53,38 @@ static int _gnutls_verify_crl2 (gnutls_x509_crl_t crl, int tcas_size, unsigned int flags, unsigned int *output); -/* Checks if two certs are identical. Return 0 onn match. */ +/* Checks if two certs are identical. Return 0 on match. */ static int check_if_same_cert (gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2) { gnutls_datum_t cert1bin = { NULL, 0 }, cert2bin = - { - NULL, 0}; + {NULL, 0}; int result; + opaque serial1[128], serial2[128]; + size_t serial1_size, serial2_size; + + serial1_size = sizeof (serial1); + result = gnutls_x509_crt_get_serial (cert1, serial1, &serial1_size); + if (result < 0) + { + gnutls_assert (); + goto cmp; + } + + serial2_size = sizeof (serial2); + result = gnutls_x509_crt_get_serial (cert2, serial2, &serial2_size); + if (result < 0) + { + gnutls_assert (); + goto cmp; + } + + if (serial2_size != serial1_size || memcmp(serial1, serial2, serial1_size) != 0) + { + return 1; + } +cmp: result = _gnutls_x509_der_encode (cert1->cert, "", &cert1bin, 0); if (result < 0) { |