Certificate chain verification is consuming too much memory

Hello, I’m trying to verify a certificate against a certificate chain using the mbedtls_x509_crt_verify() function.
I have a Root CA certificate, an intermediate certificate and a Code Signer certificate. I load these three
certificates into the chain starting from the root ca. Then I load the certificate to verify and call the function:

ret = mbedtls_x509_crt_verify(&leaf, &chain, NULL, NULL, &flags, verify_callback, NULL)

It works fine, but it seems to consume too much memory. I need a buffer of 20x1024 that I initialized
with the mbedtls_memory_buffer_alloc_init() function. I’d need to reduce the buffer dimension because of the limitation of the device I’m using. I already tryed to use the mbedtls_x509_crt_parse_der_nocopy() for certificate parsing and I could reduce the buffer dimension up to 17x1024, but I need to reduce more. What can I do? Is there a way to do the verification on different steps without having to load the whole chain?

Thank you!

HI @zephyro
I am assuming you have read this article as it discusses the mbedtls_x509_crt_parse_der_nocopy(), however there are other suggestions for reducing footprint.
What certificates do you have in your leaf and what do you have in your chain?
Does If I understand correct your description, your chain includes 3 certificate, and you have another certificate which is the leaf certificate. Am I correct? If yes, then from my understanding of your description. the root CA signs the intermediate certificate ( in addition to itself), the intermediate signs the Code Signer certificate, and the latter signs the leaf certificate. Since you put these three certificates chain as the trust_ca, the verification will stop at the first certificate in the chain that has the CA: true constraints set. I assume this is the intermediate certificate ( if not the Code signer certificate).
Please try setting as the trust_ca only the root CA, and as the certificate to verify, the chain: leaf, Code Signer, intermediate. Then, the updated certificate chain should be parsed using mbedtls_x509_crt_parse_der_nocopy() and then be verified with the root CA as the trust_ca.
( It would also probably work if instead of three certificates in your chain you would put until the first CA certificate, but this is not really the way certificate chains are sent).

I am assuming you are using DER formatted certificates and not PEM.

Note we have an ongoing PR for parsing the certificate on demand, but I am not sure this fits your needs, as it’s mostly for parsing during TLS handshake.
Regards,
Mbed Support
Ron