Closed Bug 1794045 Opened 2 years ago Closed 2 years ago

Reduce size of rust builtins module

Categories

(Core :: Security: PSM, enhancement, P3)

Product:
Core
Component:
Security: PSM
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
112 Branch
Tracking Flags:
Tracking Status
firefox107 --- wontfix
firefox112 --- fixed

People

(Reporter: jschanck, Assigned: jschanck)

References

Details

Attachments

(1 file)

Bug 1794045 - remove redundant data from builtins module. r=keeler
48 bytes, text/x-phabricator-request
Details | Review

The rust builtins module from Bug 1789520 currently has to store a DER encoded X.509 certificate, that certificate's subject, and its serial number for each builtin root. The subject and serial can be found as subslices of the cert, but we currently store them separately. In Rust 1.64 the slice::from_raw_parts function is const, so we could easily present these values as subslices instead. Looks like we could save ~ 20kB.

We'll need to wait for an MSRV bump.

Severity: -- → N/A
Duplicate of this bug: 1798499

As of Bug 1807761, the minimum supported rust version is 1.65, so we can use slice::from_raw_parts at compile time. As expect, we can save 20kB in the builtins module, 612k -> 592k.

Sample build.rs output:

Before

static ROOT_0: &[u8] = &[0x30, 0x82, 0x03, 0xA8, 0x30, 0x82, 0x02, 0x90, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xFE, 0xDC, 0xE3, 0x01, 0x0F, 0xC9, 0x48, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x34, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x46, 0x52, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x09, 0x44, 0x68, 0x69, 0x6D, 0x79, 0x6F, 0x74, 0x69, 0x73, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x08, 0x43, 0x65, 0x72, 0x74, 0x69, 0x67, 0x6E, 0x61, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x37, 0x30, ...];
[...]
Root {
  [...]
  der_name: &[0x30, 0x34, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x46, 0x52, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x09, 0x44, 0x68, 0x69, 0x6D, 0x79, 0x6F, 0x74, 0x69, 0x73, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x08, 0x43, 0x65, 0x72, 0x74, 0x69, 0x67, 0x6E, 0x61, ],
  der_serial: &[0x02, 0x09, 0x00, 0xFE, 0xDC, 0xE3, 0x01, 0x0F, 0xC9, 0x48, 0xFF, ],
  der_cert: ROOT_0,
  [...]
}

After

static ROOT_0: &[u8] = &[0x30, 0x82, 0x03, 0xA8, 0x30, 0x82, 0x02, 0x90, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xFE, 0xDC, 0xE3, 0x01, 0x0F, 0xC9, 0x48, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x34, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x46, 0x52, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x09, 0x44, 0x68, 0x69, 0x6D, 0x79, 0x6F, 0x74, 0x69, 0x73, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x08, 0x43, 0x65, 0x72, 0x74, 0x69, 0x67, 0x6E, 0x61, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x37, 0x30, ...];
static SERIAL_0: &[u8] = unsafe { slice::from_raw_parts(ROOT_0.as_ptr().offset(13), 11) };
static SUBJECT_0: &[u8] = unsafe { slice::from_raw_parts(ROOT_0.as_ptr().offset(39), 54) };
[...]
Root {
  [...]
  der_name: SUBJECT_0,
  der_serial: SERIAL_0,
  der_cert: ROOT_0,
  [...]
}
Pushed by jschanck@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/feee956e2c70 remove redundant data from builtins module. r=keeler

https://hg.mozilla.org/mozilla-central/rev/feee956e2c70

Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox112: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 112 Branch
Blocks: 1827534
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: