Compilers are likely to generate shorter assembly for loops of the
form `while( cnt-- ) { ... }` rather than
`for( ; count >= X; count -= X ) { ... }`. (E.g. the latter needs
a subtract+compare+branch after each loop, while the former only
needs decrement+branch).
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This both simplifies parsing a little, and suppresses warnings. Suppressing
warnings is both good and bad: on the one hand it resolves problems such as
https://github.com/Mbed-TLS/mbedtls/issues/5731, on the other hand it may
hide clues as to why lsof wouldn't be working as expected.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
component_test_cmake_out_of_source was running the ssl-opt.sh test case
"Fallback SCSV: beginning of list", but this test case was removed in Mbed
TLS 3.0, so ssl-opt.sh was running nothing, which is not an effective test.
In 2.x, the test case was chosen because it uses an additional auxiliary
program tests/scripts/tcp_client.pl. This auxiliary program is no longer
used. So instead, run at least one test case that's sure to exist.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Overly restrictive protocol version negotiation checks might be
"version intolerant". TLS 1.3 and DTLS 1.3 move the version to
the "supported_versions" ClientHello extension.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Use mbedtls_ssl_protocol_version in public structs, even when doing
so results in a binary-incompatible change to the public structure
(PR feedback from @ronald-cron-arm)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
remove use of MBEDTLS_SSL_MINOR_VERSION_*
remove use of MBEDTLS_SSL_MAJOR_VERSION_*
(only remaining use is in tests/suites/test_suite_ssl.data)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Store the TLS version in tls_version instead of major, minor version num
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible, as the struct is now smaller.
Reduce size of mbedtls_ssl_ciphersuite_t
members are defined using integral types instead of enums in
order to pack structure and reduce memory usage by internal
ciphersuite_definitions[]
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Store the TLS version in tls_version instead of major, minor version num
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is not compatible on little-endian platforms,
but is compatible on big-endian platforms. For systems supporting
only TLSv1.2, the underlying values are the same (=> 3).
New setter functions are more type-safe,
taking argument as enum mbedtls_ssl_protocol_version:
mbedtls_ssl_conf_max_tls_version()
mbedtls_ssl_conf_min_tls_version()
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Store the TLS version instead of minor version number in tls_version.
Note: struct member size changed from unsigned char to uint16_t
Due to standard structure padding, the structure size does not change
unless alignment is 1-byte (instead of 2-byte or more)
Note: existing application use which accesses the struct member
(using MBEDTLS_PRIVATE) is compatible on little-endian platforms,
but not compatible on big-endian platforms. The enum values for
the lower byte of MBEDTLS_SSL_VERSION_TLS1_2 and of
MBEDTLS_SSL_VERSION_TLS1_3 matches MBEDTLS_SSL_MINOR_VERSION_3 and
MBEDTLS_SSL_MINOR_VERSION_4, respectively.
Note: care has been taken to preserve serialized session format,
which uses only the lower byte of the TLS version.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Removing the trimming has significant memory impact. While it is clearly what
we want to do eventually for constant-time'ness, it should be fixed alongside
a strategy to contain the ramifications on memory usage.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
`curves.pl` (invoked by `all.sh test_depends_curves`, and
`all.sh test_depends_curves_psa`) currently runs two series of tests:
* For each curve, test with only that curve enabled.
* For each curve, test with all curves but that one.
Originally this script was introduced to validate test dependencies, and for
that all-but-one gives better results because it handles test cases that
require multiple curves. Then we extended the script to also test with a
single curve, which matches many real-world setups and catches some product
bugs. Single-curve testing also validates test dependencies in a more
limited way.
Remove all-but-one curve testing, because it doesn't add much to the test
coverage. Mainly, this means that we now won't detect if a test case
declares two curve dependencies but actually also depends on a third. This
is an acceptable loss.
The trigger for removing all-but-one curve testing is that this will make
the job take only about half as long, and the length of the job was a bit of
a problem. Resolves#5729.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
component_test_CID_no_debug was added specifically to be a non-regression
test for https://github.com/Mbed-TLS/mbedtls/issues/3998. Running compat.sh
in the newly introduced config-ccm-psk-dtls1_2.h is also a non-regression
test for that bug. Therefore component_test_CID_no_debug is redundant for
its primary purpose.
Of course every configuration is different, but the additional coverage from
component_test_CID_no_debug is minimal, unlike config-ccm-psk-dtls1_2.h
which is a plausible real-world configuration.
In mbedtls-2.28, component_test_CID_no_debug was never added, and running
the unit tests in that configuration does not trigger the #3998 bug, only
compat.sh does. So, rather than backport component_test_CID_no_debug to
2.28.2, I am removing it from 3.2.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
A concurrent branch changes the way the test cases run to no longer use
force_version=tls13, so the automatic version requirement detection will no
longer work after that branch is merged. Therefore, keep the manual
requirement (at least until automatic detection gets smarter).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
