library: x509: change order of checks in x509_crt_check_signature()

valeriosetti · valeriosetti · commit e403ff3eda87 · 2025-11-12T22:58:07.000+01:00
Checking that parent PK type is OK is definitely faster than computing
an hash, so invert the checks.

Signed-off-by: Valerio Setti &lt;valerio.setti@nordicsemi.no&gt;
diff --git a/library/x509_crt.c b/library/x509_crt.c
@@ -2110,6 +2110,11 @@ static int x509_crt_check_signature(const mbedtls_x509_crt *child,
     psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(child->sig_md);
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 
+    /* Skip expensive computation on obvious mismatch */
+    if (!mbedtls_pk_can_do(&parent->pk, (mbedtls_pk_type_t) child->sig_pk)) {
+        return -1;
+    }
+
     status = psa_hash_compute(hash_alg,
                               child->tbs.p,
                               child->tbs.len,
@@ -2120,11 +2125,6 @@ static int x509_crt_check_signature(const mbedtls_x509_crt *child,
         return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
     }
 
-    /* Skip expensive computation on obvious mismatch */
-    if (!mbedtls_pk_can_do(&parent->pk, (mbedtls_pk_type_t) child->sig_pk)) {
-        return -1;
-    }
-
 #if defined(MBEDTLS_ECP_RESTARTABLE)
     if (rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_SIGALG_ECDSA) {
         return mbedtls_pk_verify_restartable(&parent->pk,
