Hello All,
I am trying to integrate the mbedTLS library into my existing project and facing some memory issues while creating the RSA keys.
I would like to give some background about the hardware and the software:
-
NXP LPC1124 Cortex-M0 (32kb ROM and 10KB RAM)
-
Existing application use ROM 22kb ROM and 3.2KB RAM
-
IDE : IAR Embedded workbench
-
Mbedtls – 2.16.6
I am new to the mbedTLS. My requirement is to create private and public key for some unique text. I am referring rsa_genkey.c to create keys.
This is my key generation code:
int ret = 1;
mbedtls_rsa_context rsa;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
const char *pers = “ABCD”;mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );mbedtls_entropy_init( &entropy );
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
return;
}if( ( ret = mbedtls_rsa_gen_key( &rsa, mbedtls_ctr_drbg_random, &ctr_drbg, KEY_SIZE,
EXPONENT ) ) != 0 )
{
return;
}
I have enabled only required parameters in config.h
/* No default entropy platfrom */
#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
#define MBEDTLS_NO_PLATFORM_ENTROPY
/* mbed TLS modules */
#define MBEDTLS_BIGNUM_C
#define MBEDTLS_ECP_C
#define MBEDTLS_ENTROPY_C
#define MBEDTLS_OID_C
#define MBEDTLS_SHA256_C
#define MBEDTLS_RSA_C
#define MBEDTLS_AES_C
#define MBEDTLS_PKCS1_V15
#define MBEDTLS_CTR_DRBG_C
/* Save RAM by adjusting to our exact needs */
#define MBEDTLS_MPI_MAX_SIZE 256 // 256 bits are 32 bytes (Bignum support)
#define MBEDTLS_ECP_WINDOW_SIZE 4
#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1
#define MBEDTLS_ENTROPY_MAX_SOURCES 2
#define MBEDTLS_AES_ROM_TABLES
#define MBEDTLS_PLATFORM_MEMORY
#define MBEDTLS_PLATFORM_C
#define MBEDTLS_ENTROPY_FORCE_SHA256
/* MPI / BIGNUM options */
#define MBEDTLS_MPI_WINDOW_SIZE 1 /**< Maximum windows size used. */
#include “check_config.h”
Issue I am facing is, memory is running out due to aes_gen_tables() function.
If MBEDTLS_AES_ROM_TABLES is not enabled in config.h, RAM is running out.
If enabled, ROM is running out.
- Is there any way to minimize memory utilization?
- Is there any other algorithm to create private and public keys with less footprint?
- How much minimum memory is required to generate key pairs using RSA?
I would really appreciate any help.
Thank you!