projects / project / ucert.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8e91520)
remove unused stat variable and gettimeofday only once while verifying
authorDaniel Golle <daniel@makrotopia.org>
Fri, 8 Jun 2018 00:56:22 +0000 (02:56 +0200)
committerDaniel Golle <daniel@makrotopia.org>
Thu, 14 Jun 2018 16:51:22 +0000 (18:51 +0200)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)

ucert.c patch | blob | history

diff --git a/ucert.c b/ucert.c
index d5652e8510e862af845ba01b57f0179f6e506a5a..6762ed8ae07fcb5e959e081ff93e6aedde307b4a 100644 (file)
--- a/ucert.c
+++ b/ucert.c
@@ -250,6 +250,7 @@ static int chain_verify(const char *msgfile, const char *pubkeyfile,
        char extsigfile[256] = {0};
        int ret = 1;
        int checkmsg = 0;
+       struct timeval tv;
 
        if (mkdtemp(tmpdir) == NULL)
                return errno;
@@ -257,10 +258,11 @@ static int chain_verify(const char *msgfile, const char *pubkeyfile,
        if (msgfile)
                checkmsg = -1;
 
+       gettimeofday(&tv, NULL);
+
        list_for_each_entry(cobj, chain, list) {
                /* blob has payload, verify that using signature */
                if (cobj->cert[CERT_ATTR_PAYLOAD]) {
-                       struct timeval tv;
                        uint64_t validfrom;
                        uint64_t expiresat;
                        uint32_t certtype;
@@ -306,7 +308,6 @@ static int chain_verify(const char *msgfile, const char *pubkeyfile,
                                goto clean_and_return;
                        }
 
-                       gettimeofday(&tv, NULL);
                        if (tv.tv_sec < validfrom ||
                            tv.tv_sec >= expiresat) {
                                ret = 3;
@@ -409,7 +410,6 @@ static int cert_issue(const char *certfile, const char *pubkeyfile, const char *
        struct blob_buf certbuf;
        struct blob_buf payloadbuf;
        struct timeval tv;
-       struct stat st;
        int pklen, siglen;
        int revoker = 1;
        void *c;
@@ -512,6 +512,8 @@ static int cert_process_revoker(const char *certfile, const char *pubkeydir) {
                return 1;
        }
 
+       gettimeofday(&tv, NULL);
+
        list_for_each_entry(cobj, &certchain, list) {
                if (!cobj->cert[CERT_ATTR_PAYLOAD])
                        return 2;
@@ -556,7 +558,6 @@ static int cert_process_revoker(const char *certfile, const char *pubkeydir) {
                        return 2;
                }
 
-               gettimeofday(&tv, NULL);
                if (tv.tv_sec < validfrom) {
                        return 3;
                }
OpenWrt usign certificate wrapper