From cfe74a37b9eaf971e7a0f953c7a655433b90e066 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 8 Dec 2021 18:38:51 +0100 Subject: [PATCH] mbedtls_ssl_handshake_params: move ecrs_ctx back further "mbedtls_ssl_handshake_params: reorder fields to save code size" moved this filed earlier along with byte-sized fields that should be in the 128-element access window on Arm Thumb. This took away precious room in the 128-byte window. Move it back further out. Results (same architecture, config-suite-b.h + MBEDTLS_ECDH_LEGACY_CONTEXT + MBEDTLS_ECP_RESTARTABLE): library/ssl_cli.o: 2860 -> 2816 (diff: 44) library/ssl_msg.o: 3080 -> 3076 (diff: 4) library/ssl_srv.o: 3340 -> 3300 (diff: 40) library/ssl_tls.o: 6546 -> 6478 (diff: 68) Signed-off-by: Gilles Peskine --- library/ssl_misc.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 8a882f2aeb..88fa5609c1 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -558,7 +558,6 @@ struct mbedtls_ssl_handshake_params #if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) uint8_t ecrs_enabled; /*!< Handshake supports EC restart? */ - mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */ enum { /* this complements ssl->state with info on intra-state operations */ ssl_ecrs_none = 0, /*!< nothing going on (yet) */ ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */ @@ -637,6 +636,10 @@ struct mbedtls_ssl_handshake_params size_t psk_len; /*!< Length of PSK from callback */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ +#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED) + mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */ +#endif + #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)