Merge pull request #8665 from ivq/reduce_static_mem
Reduce many unnecessary static memory consumption
This commit is contained in:
commit
c8de362202
3 changed files with 17 additions and 17 deletions
|
@ -46,7 +46,7 @@
|
||||||
defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
|
defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
|
||||||
/* For these curves, we build the group parameters dynamically. */
|
/* For these curves, we build the group parameters dynamically. */
|
||||||
#define ECP_LOAD_GROUP
|
#define ECP_LOAD_GROUP
|
||||||
static mbedtls_mpi_uint mpi_one[] = { 1 };
|
static const mbedtls_mpi_uint mpi_one[] = { 1 };
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -4505,7 +4505,7 @@ static inline void ecp_mpi_set1(mbedtls_mpi *X)
|
||||||
{
|
{
|
||||||
X->s = 1;
|
X->s = 1;
|
||||||
X->n = 1;
|
X->n = 1;
|
||||||
X->p = mpi_one;
|
X->p = (mbedtls_mpi_uint *) mpi_one; /* X->p will not be modified so the cast is safe */
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -5311,7 +5311,7 @@ cleanup:
|
||||||
*/
|
*/
|
||||||
#define P_KOBLITZ_MAX (256 / 8 / sizeof(mbedtls_mpi_uint)) // Max limbs in P
|
#define P_KOBLITZ_MAX (256 / 8 / sizeof(mbedtls_mpi_uint)) // Max limbs in P
|
||||||
#define P_KOBLITZ_R (8 / sizeof(mbedtls_mpi_uint)) // Limbs in R
|
#define P_KOBLITZ_R (8 / sizeof(mbedtls_mpi_uint)) // Limbs in R
|
||||||
static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p_limbs,
|
static inline int ecp_mod_koblitz(mbedtls_mpi *N, const mbedtls_mpi_uint *Rp, size_t p_limbs,
|
||||||
size_t adjust, size_t shift, mbedtls_mpi_uint mask)
|
size_t adjust, size_t shift, mbedtls_mpi_uint mask)
|
||||||
{
|
{
|
||||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||||
|
@ -5325,7 +5325,7 @@ static inline int ecp_mod_koblitz(mbedtls_mpi *N, mbedtls_mpi_uint *Rp, size_t p
|
||||||
|
|
||||||
/* Init R */
|
/* Init R */
|
||||||
R.s = 1;
|
R.s = 1;
|
||||||
R.p = Rp;
|
R.p = (mbedtls_mpi_uint *) Rp; /* R.p will not be modified so the cast is safe */
|
||||||
R.n = P_KOBLITZ_R;
|
R.n = P_KOBLITZ_R;
|
||||||
|
|
||||||
/* Common setup for M */
|
/* Common setup for M */
|
||||||
|
@ -5396,7 +5396,7 @@ cleanup:
|
||||||
*/
|
*/
|
||||||
static int ecp_mod_p192k1(mbedtls_mpi *N)
|
static int ecp_mod_p192k1(mbedtls_mpi *N)
|
||||||
{
|
{
|
||||||
static mbedtls_mpi_uint Rp[] = {
|
static const mbedtls_mpi_uint Rp[] = {
|
||||||
MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00,
|
MBEDTLS_BYTES_TO_T_UINT_8(0xC9, 0x11, 0x00, 0x00, 0x01, 0x00, 0x00,
|
||||||
0x00)
|
0x00)
|
||||||
};
|
};
|
||||||
|
@ -5413,7 +5413,7 @@ static int ecp_mod_p192k1(mbedtls_mpi *N)
|
||||||
*/
|
*/
|
||||||
static int ecp_mod_p224k1(mbedtls_mpi *N)
|
static int ecp_mod_p224k1(mbedtls_mpi *N)
|
||||||
{
|
{
|
||||||
static mbedtls_mpi_uint Rp[] = {
|
static const mbedtls_mpi_uint Rp[] = {
|
||||||
MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00,
|
MBEDTLS_BYTES_TO_T_UINT_8(0x93, 0x1A, 0x00, 0x00, 0x01, 0x00, 0x00,
|
||||||
0x00)
|
0x00)
|
||||||
};
|
};
|
||||||
|
@ -5435,7 +5435,7 @@ static int ecp_mod_p224k1(mbedtls_mpi *N)
|
||||||
*/
|
*/
|
||||||
static int ecp_mod_p256k1(mbedtls_mpi *N)
|
static int ecp_mod_p256k1(mbedtls_mpi *N)
|
||||||
{
|
{
|
||||||
static mbedtls_mpi_uint Rp[] = {
|
static const mbedtls_mpi_uint Rp[] = {
|
||||||
MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00,
|
MBEDTLS_BYTES_TO_T_UINT_8(0xD1, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00,
|
||||||
0x00)
|
0x00)
|
||||||
};
|
};
|
||||||
|
|
|
@ -37,7 +37,7 @@ mbedtls_sha3_family_functions;
|
||||||
/*
|
/*
|
||||||
* List of supported SHA-3 families
|
* List of supported SHA-3 families
|
||||||
*/
|
*/
|
||||||
static mbedtls_sha3_family_functions sha3_families[] = {
|
static const mbedtls_sha3_family_functions sha3_families[] = {
|
||||||
{ MBEDTLS_SHA3_224, 1152, 224 },
|
{ MBEDTLS_SHA3_224, 1152, 224 },
|
||||||
{ MBEDTLS_SHA3_256, 1088, 256 },
|
{ MBEDTLS_SHA3_256, 1088, 256 },
|
||||||
{ MBEDTLS_SHA3_384, 832, 384 },
|
{ MBEDTLS_SHA3_384, 832, 384 },
|
||||||
|
@ -180,7 +180,7 @@ void mbedtls_sha3_clone(mbedtls_sha3_context *dst,
|
||||||
*/
|
*/
|
||||||
int mbedtls_sha3_starts(mbedtls_sha3_context *ctx, mbedtls_sha3_id id)
|
int mbedtls_sha3_starts(mbedtls_sha3_context *ctx, mbedtls_sha3_id id)
|
||||||
{
|
{
|
||||||
mbedtls_sha3_family_functions *p = NULL;
|
const mbedtls_sha3_family_functions *p = NULL;
|
||||||
|
|
||||||
for (p = sha3_families; p->id != MBEDTLS_SHA3_NONE; p++) {
|
for (p = sha3_families; p->id != MBEDTLS_SHA3_NONE; p++) {
|
||||||
if (p->id == id) {
|
if (p->id == id) {
|
||||||
|
|
|
@ -631,7 +631,7 @@ static const char *extension_name_table[] = {
|
||||||
[MBEDTLS_SSL_EXT_ID_RECORD_SIZE_LIMIT] = "record_size_limit"
|
[MBEDTLS_SSL_EXT_ID_RECORD_SIZE_LIMIT] = "record_size_limit"
|
||||||
};
|
};
|
||||||
|
|
||||||
static unsigned int extension_type_table[] = {
|
static const unsigned int extension_type_table[] = {
|
||||||
[MBEDTLS_SSL_EXT_ID_UNRECOGNIZED] = 0xff,
|
[MBEDTLS_SSL_EXT_ID_UNRECOGNIZED] = 0xff,
|
||||||
[MBEDTLS_SSL_EXT_ID_SERVERNAME] = MBEDTLS_TLS_EXT_SERVERNAME,
|
[MBEDTLS_SSL_EXT_ID_SERVERNAME] = MBEDTLS_TLS_EXT_SERVERNAME,
|
||||||
[MBEDTLS_SSL_EXT_ID_MAX_FRAGMENT_LENGTH] = MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH,
|
[MBEDTLS_SSL_EXT_ID_MAX_FRAGMENT_LENGTH] = MBEDTLS_TLS_EXT_MAX_FRAGMENT_LENGTH,
|
||||||
|
@ -3711,7 +3711,7 @@ int mbedtls_ssl_get_session(const mbedtls_ssl_context *ssl,
|
||||||
(SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT) | \
|
(SSL_SERIALIZED_SESSION_CONFIG_ETM << SSL_SERIALIZED_SESSION_CONFIG_ETM_BIT) | \
|
||||||
(SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT)))
|
(SSL_SERIALIZED_SESSION_CONFIG_TICKET << SSL_SERIALIZED_SESSION_CONFIG_TICKET_BIT)))
|
||||||
|
|
||||||
static unsigned char ssl_serialized_session_header[] = {
|
static const unsigned char ssl_serialized_session_header[] = {
|
||||||
MBEDTLS_VERSION_MAJOR,
|
MBEDTLS_VERSION_MAJOR,
|
||||||
MBEDTLS_VERSION_MINOR,
|
MBEDTLS_VERSION_MINOR,
|
||||||
MBEDTLS_VERSION_PATCH,
|
MBEDTLS_VERSION_PATCH,
|
||||||
|
@ -4436,7 +4436,7 @@ void mbedtls_ssl_session_free(mbedtls_ssl_session *session)
|
||||||
(SSL_SERIALIZED_CONTEXT_CONFIG_ALPN << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT) | \
|
(SSL_SERIALIZED_CONTEXT_CONFIG_ALPN << SSL_SERIALIZED_CONTEXT_CONFIG_ALPN_BIT) | \
|
||||||
0u))
|
0u))
|
||||||
|
|
||||||
static unsigned char ssl_serialized_context_header[] = {
|
static const unsigned char ssl_serialized_context_header[] = {
|
||||||
MBEDTLS_VERSION_MAJOR,
|
MBEDTLS_VERSION_MAJOR,
|
||||||
MBEDTLS_VERSION_MINOR,
|
MBEDTLS_VERSION_MINOR,
|
||||||
MBEDTLS_VERSION_PATCH,
|
MBEDTLS_VERSION_PATCH,
|
||||||
|
@ -5054,7 +5054,7 @@ void mbedtls_ssl_config_init(mbedtls_ssl_config *conf)
|
||||||
* See the documentation of mbedtls_ssl_conf_curves() for what we promise
|
* See the documentation of mbedtls_ssl_conf_curves() for what we promise
|
||||||
* about this list.
|
* about this list.
|
||||||
*/
|
*/
|
||||||
static uint16_t ssl_preset_default_groups[] = {
|
static const uint16_t ssl_preset_default_groups[] = {
|
||||||
#if defined(MBEDTLS_ECP_HAVE_CURVE25519)
|
#if defined(MBEDTLS_ECP_HAVE_CURVE25519)
|
||||||
MBEDTLS_SSL_IANA_TLS_GROUP_X25519,
|
MBEDTLS_SSL_IANA_TLS_GROUP_X25519,
|
||||||
#endif
|
#endif
|
||||||
|
@ -5105,7 +5105,7 @@ static const int ssl_preset_suiteb_ciphersuites[] = {
|
||||||
* - ssl_tls12_preset* is for TLS 1.2 use only.
|
* - ssl_tls12_preset* is for TLS 1.2 use only.
|
||||||
* - ssl_preset_* is for TLS 1.3 only or hybrid TLS 1.3/1.2 handshakes.
|
* - ssl_preset_* is for TLS 1.3 only or hybrid TLS 1.3/1.2 handshakes.
|
||||||
*/
|
*/
|
||||||
static uint16_t ssl_preset_default_sig_algs[] = {
|
static const uint16_t ssl_preset_default_sig_algs[] = {
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
|
||||||
defined(MBEDTLS_MD_CAN_SHA256) && \
|
defined(MBEDTLS_MD_CAN_SHA256) && \
|
||||||
|
@ -5200,7 +5200,7 @@ static uint16_t ssl_tls12_preset_default_sig_algs[] = {
|
||||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||||
|
|
||||||
/* NOTICE: see above */
|
/* NOTICE: see above */
|
||||||
static uint16_t ssl_preset_suiteb_sig_algs[] = {
|
static const uint16_t ssl_preset_suiteb_sig_algs[] = {
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ANY_ALLOWED_ENABLED) && \
|
||||||
defined(MBEDTLS_MD_CAN_SHA256) && \
|
defined(MBEDTLS_MD_CAN_SHA256) && \
|
||||||
|
@ -5241,7 +5241,7 @@ static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = {
|
||||||
|
|
||||||
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
|
#endif /* MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED */
|
||||||
|
|
||||||
static uint16_t ssl_preset_suiteb_groups[] = {
|
static const uint16_t ssl_preset_suiteb_groups[] = {
|
||||||
#if defined(MBEDTLS_ECP_HAVE_SECP256R1)
|
#if defined(MBEDTLS_ECP_HAVE_SECP256R1)
|
||||||
MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1,
|
MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1,
|
||||||
#endif
|
#endif
|
||||||
|
@ -5255,7 +5255,7 @@ static uint16_t ssl_preset_suiteb_groups[] = {
|
||||||
/* Function for checking `ssl_preset_*_sig_algs` and `ssl_tls12_preset_*_sig_algs`
|
/* Function for checking `ssl_preset_*_sig_algs` and `ssl_tls12_preset_*_sig_algs`
|
||||||
* to make sure there are no duplicated signature algorithm entries. */
|
* to make sure there are no duplicated signature algorithm entries. */
|
||||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||||
static int ssl_check_no_sig_alg_duplication(uint16_t *sig_algs)
|
static int ssl_check_no_sig_alg_duplication(const uint16_t *sig_algs)
|
||||||
{
|
{
|
||||||
size_t i, j;
|
size_t i, j;
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
Loading…
Reference in a new issue