Hello, I’m trying to verify a certificate against a certificate chain using the mbedtls_x509_crt_verify() function.
I have a Root CA certificate, an intermediate certificate and a Code Signer certificate. I load these three
certificates into the chain starting from the root ca. Then I load the certificate to verify and call the function:
ret = mbedtls_x509_crt_verify(&leaf, &chain, NULL, NULL, &flags, verify_callback, NULL)
It works fine, but it seems to consume too much memory. I need a buffer of 20x1024 that I initialized
with the mbedtls_memory_buffer_alloc_init() function. I’d need to reduce the buffer dimension because of the limitation of the device I’m using. I already tryed to use the mbedtls_x509_crt_parse_der_nocopy() for certificate parsing and I could reduce the buffer dimension up to 17x1024, but I need to reduce more. What can I do? Is there a way to do the verification on different steps without having to load the whole chain?