ARMmbed

RSA Signature verification algorithm

First of all, I am using static buffer for memory allocation (I am using bare-metal) and before using any of the mbedtls algorithms, I have to call this API “mbedtls_memory_buffer_alloc_init” for reserving the static buffer needed to run the algorithm.

So please, Could you kindly tell me the maximum size of buf (used as an argument parameter in mbedtls_memory_buffer_alloc_init) needed for running RSA Signature verification algorithm successfully ?
If there is a general rule for computing buf size, Please mention it.

Hi @AhmedHamza
There isn’t a general rule for computing the buf size, as it varies from the components you are using.
An RSA certificate is large enough, and considering the server may send a certificate chain, it may be that you need several KB in your buffer.

Note that you can use ecdsa signed certificates with similar security strength, and smaller size, if RAM is an issue for you.
Regards,
Mbed TLS Support
Ron

Thanks for your reply.

I just need to highlight the fact that we are using a specific component which is RSA with Key size 2048 and message hashing is done using SHA256.

I am having a specific buffer size, which was tested for different inputs with same bit size and eventually, all of these test cases passed successfully. But when I tried to verify signature with ZERO value and same bit size, the algorithm stuck in a while loop and this issue is solved by increasing the buffer size.

So, Is it possible that buffer size depends on the input value ?
If so, Could you justify how is it possible ?