Footprint of Mbed TLS, MQTT and Ethernet

Hi all,

I am implementing ECIES on a Nucleo-144 board (STM32F767, 512K SRAM, 2M flash). My implementation of the crypto stuff worked well. However, I got a stack overflow once I tried to transfer the result with MQTT over Ethernet. Then I made a very simple test program which just connects to the MQTT server and initializes a ctr_drbg. With the simple test program, I still got a stack overflow. Here are my questions:

  1. Which component, Ethernet, MQTT or Mbed TLS, could be the part that resulted in the stack overflow?

  2. I have a simple program within the online compiler, and the crypto part worked well. How can I add the Ethernet driver? I tried to import the existing Ethernet lib, but the compiler complained that the board was not supported.

Thank you.

#include "mbed.h"
#include "mbedtls/config.h"
#include "mbedtls/platform.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"

#include "EthernetInterface.h"
#include "MQTTClient.h"
#include "MQTTEthernet.h"
#include "MQTTNetwork.h"

Serial pc(SERIAL_TX, SERIAL_RX);

EthernetInterface net;


int main()
{
  int rc = 0;
  pc.baud(115200);

  net.connect();
  const char *ip = net.get_ip_address();
  mbedtls_printf("IP address is: %s\n", ip ? ip : "No IP");

  MQTTNetwork mqttNetwork(&net);
  MQTT::Client<MQTTNetwork, Countdown> client(mqttNetwork);
  mbedtls_printf("Connecting to %s:%d\r\n", "192.168.1.101", 1883);
  rc = mqttNetwork.connect("192.168.1.101", 1883);
  if (rc != 0) {
    mbedtls_printf("rc from TCP connect is %d\r\n", rc);
    return -1;
  }

  MQTTPacket_connectData data = MQTTPacket_connectData_initializer;
  data.MQTTVersion = 3;
  data.clientID.cstring = "mbed-sample";
  data.username.cstring = "testuser";
  data.password.cstring = "testpassword";
  if ((rc = client.connect(data)) != 0) {
    mbedtls_printf("rc from MQTT connect is %d\r\n", rc);
    return -1;
  }
    
  // Start -- Make a ctr drbg context
  mbedtls_entropy_context entropy;
  mbedtls_entropy_init( &entropy );
 
  mbedtls_ctr_drbg_context ctr_drbg_ctx;
  mbedtls_ctr_drbg_init(&ctr_drbg_ctx);

  const char pers[] = "ecdh";
  rc = mbedtls_ctr_drbg_seed( &ctr_drbg_ctx, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, sizeof pers);
  if (rc != 0) {
    mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", rc );
    mbedtls_entropy_free(&entropy);
    mbedtls_ctr_drbg_free(&ctr_drbg_ctx);
    return rc;
  }
  // End -- Make a ctr drbg context

  unsigned int iteration = 0;
  while(1) {
    MQTT::Message message;

    char buf[100];
    sprintf(buf, "Hello World");
    message.qos = MQTT::QOS0;
    message.retained = false;
    message.dup = false;
    message.payload = (void*)buf;
    message.payloadlen = strlen(buf)+1;
    rc = client.publish("test_topic", message);
    mbedtls_printf("published done. rc=%d\r\n", rc);

    wait_ms(10000);
    iteration = iteration + 1;
  }

  mbedtls_entropy_free(&entropy);
  mbedtls_ctr_drbg_free(&ctr_drbg_ctx);
  return 0;
}

Hi @zhang_sh_wei
I suggest isolating the components to understand which one causes the stack overflow.
Do you still get a stack overflow without using ctr_drbg and entropy? Meaning, only by MQTT connection?
Regards,
Mbed TLS Team member
Ron

Thank you Ron.

If I remove the ctr_drbg and entropy part, the MQTT messaging part works well. And if I remove the MQTT connection and messaging part, the ctr_drbg & entropy plus some crypto functions also work. What I intended to do is to encrypt some messages with ECIES and send it out over the MQTT-over-Ethernet connection. I managed to encrypt the messages with ECIES and it worked well, until I integrated it with an MQTT connection. The MQTT part is what I imported and tested standalone, which worked as well. The problem is that I can't put those two parts together, which causes a stack overflow.

Hi @zhang_sh_wei Thank you for your input!
I am assuming you have 4KB of stack. Is this correct? Does the overflow happen when you increase stack size?
Do you know in which function the stack overflow occurs? Is the MQTT connection over TLS? If so, what are the ciphersuite and certificate used, and what's the size of MBEDTLS_MPI_MAX_SIZE?

Regards,
Ron