1 (edited by swapnil.mishraj 2021-11-09 11:46:56)

Topic: Wolfcrypt minimum RAM footprint for RSA2048 or ECC384

In the https://www.wolfssl.com/files/flyers/wo … ce_use.pdf I could see the peak usage of RAM for different settings.
Is there any such memory reference available if I use Static Memory only for PKCS7 type RSA2048 signature verification?

My application only does signature verification and root of trust certificate (DER format) verification of the firmware.
Static Config: Static configuration defines in user_settings.h: 

    #define WOLFSSL_STATIC_MEMORY
    #define WOLFSSL_NO_MALLOC
    #define WOLFSSL_STATIC_MEMORY_SMALL

    #define USE_FAST_MATH
    #define TFM_TIMING_RESISTANT

    #define WOLFCRYPT_ONLY
    #define WOLFSSL_GENERAL_ALIGNMENT 4
    #define SINGLE_THREADED
    #define SIZEOF_LONG_LONG 8

    #ifdef __RSA__
        #define WC_RSA_NO_PADDING
        #define WC_RSA_PSS
        /* WC_RSA_BLINDING: Enables blinding mode, to prevent timing attacks. */
        #define WC_RSA_BLINDING
        #define RSA_LOW_MEM
        #define FP_MAX_BITS     4096
        #define WOLFSSL_RSA_VERIFY_INLINE
        #define WC_NO_RSA_OAEP
    #endif

    #ifdef __ECC__
        #define HAVE_ECC
        #define ECC_SHAMIR
        #define TFM_ECC256
        /* ECC_TIMING_RESISTANT: ECC specific timing resistance. */
        #define ECC_TIMING_RESISTANT
        #define NO_ECC_CHECK_KEY
        #define NO_RSA
        #define HAVE_X963_KDF
    #endif


    #ifdef __SHA512__
        #define WOLFSSL_SHA512
    #endif

    #ifdef __SHA384__
        #define WOLFSSL_SHA384
    #endif

    /* PKCS7 specific */
    #define NO_PKCS7_STREAM
    #define HAVE_PKCS7

    #define HAVE_AES_KEYWRAP
    #define WOLFSSL_AES_DIRECT
    
    /* Signature specific */
    #define ASN_BER_TO_DER

    /* Remove Features */
    #define WOLFSSL_NO_SOCK
    #define NO_WRITEV
    #define NO_FILESYSTEM
    #define NO_MAIN_DRIVER
    #define NO_MD4

    #define NO_RABBIT
    #define NO_HC128
    #define NO_PWDBASED
    #define NO_PSK
    #define NO_OLD_TLS
    #define NO_DES3
    #define NO_MD5
    #define NO_RC4
    #define NO_DH
    #define NO_CMAC
    #define NO_CODING
    #define WOLFSSL_NO_PEM
    #define NO_ASN_TIME
    #define NO_RC4
    #define NO_DSA
    #define NO_SIG_WRAPPER
    #define NO_SESSION_CACHE
    #define NO_OLD_RNGNAME
    #define NO_WOLFSSL_DIR
    #define WOLFSSL_IGNORE_FILE_WARN
    #define NO_ERROR_STRINGS

    #define BENCH_EMBEDDED
    #define NO_CRYPT_TEST
    #define NO_CRYPT_BENCHMARK
    
    #ifdef USE_FAST_MATH
    #   define WC_NO_HARDEN
    #endif

ALL OTHER DEFINE OPTIONS default

WOLFCRYPT_ONLY, WOLFSSL_STATIC_MEMORY, WOLFSSL_NO_MALLOC, USE_FAST_MATH

With my current static configuration on a Cortex-M4 device I have to provide at least 17000 bytes of static buffer for wc_PKCS7_VerifySignedData for a RSA2048 signature verification. The final RAM usage (static + stack) is about 65Kbytes.
Does this RAM usage look normal in Static configuration? Are there any Static reference projects?


Re: Wolfcrypt minimum RAM footprint for RSA2048 or ECC384

That does not sound outrageous.

Here is a guide you may find useful:
https://www.wolfssl.com/docs/wolfssl-ma … llocation/
In particular, the tuning section at the end.

Re: Wolfcrypt minimum RAM footprint for RSA2048 or ECC384

Also, here is an example of a very minimal configuration for ECC. Perhaps it will be useful:
https://github.com/wolfSSL/wolfssl/blob … _min_ecc.h

Re: Wolfcrypt minimum RAM footprint for RSA2048 or ECC384

Hi swapnil,

To be clear, the default sizes of the static memory buckets are not tuned for your use-case. So you will want to supply custom buckets appropriately sized to optimize use.

Example:
#define WOLFMEM_BUCKETS 64,256,384,432,512,1632,2976,3456,16128
#define WOLFMEM_DIST 16,8,6,4,6,3,2,1,1

You might also try: #define ALT_ECC_SIZE or, if you use ECC only, adjust your #define FP_MAX_BITS (256*2).

For debugging the sizes try using `WOLFSSL_DEBUG_MEMORY`.

Thanks,
David Garske, wolfSSL
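
A simplified model of the bucket tuning described in the reply above, added here as an example (it is not wolfSSL code and not from the thread): it replays an allocation trace against the reply's bucket sizes and reports the peak number of blocks live in each bucket, a starting point for a WOLFMEM_DIST value. The trace, the names `ev`, `tune_dist` and `payload_bytes`, and the smallest-fitting-bucket rule are assumptions; real sizes would be those observed with WOLFSSL_DEBUG_MEMORY, and per-block allocator overhead is not counted.

```c
#include <stddef.h>
#include <stdio.h>

#define NBUCKETS 9
#define MAX_IDS  64  /* hypothetical limit on handles used by a trace */
/* Bucket sizes from the WOLFMEM_BUCKETS example in the reply above. */
static const size_t buckets[NBUCKETS] = {64, 256, 384, 432, 512, 1632, 2976, 3456, 16128};
/* Trace event: size > 0 allocates under handle id, size == 0 frees it. */
struct ev { int id; size_t size; };
static const struct ev sample[] = {  /* CONSTRUCTED trace, not measured output */
    {0, 2200}, {1, 520}, {2, 520}, {3, 48}, {2, 0}, {4, 300}, {1, 0}, {5, 520},
};

/* Index of the smallest bucket that holds size, or -1 if none does. */
static int bucket_for(size_t size) {
    for (int i = 0; i < NBUCKETS; i++)
        if (size <= buckets[i]) return i;
    return -1;
}
/* Payload bytes for a per-bucket block count (allocator overhead excluded). */
static size_t payload_bytes(const int dist[NBUCKETS]) {
    size_t total = 0;
    for (int i = 0; i < NBUCKETS; i++) total += (size_t)dist[i] * buckets[i];
    return total;
}
/* Replay a trace; dist receives the peak live block count per bucket.
 * Returns 0 on success, -1 on an oversized request or an invalid handle. */
static int tune_dist(const struct ev *t, size_t n, int dist[NBUCKETS]) {
    int live[NBUCKETS] = {0}, owner[MAX_IDS];
    for (int i = 0; i < MAX_IDS; i++) owner[i] = -1;
    for (int i = 0; i < NBUCKETS; i++) dist[i] = 0;
    for (size_t k = 0; k < n; k++) {
        int id = t[k].id;
        if (id < 0 || id >= MAX_IDS) return -1;
        if (t[k].size == 0) {                    /* free event */
            if (owner[id] < 0) return -1;        /* freeing an unused handle */
            live[owner[id]]--;
            owner[id] = -1;
            continue;
        }
        int b = bucket_for(t[k].size);
        if (b < 0 || owner[id] >= 0) return -1;  /* too big, or handle in use */
        owner[id] = b;
        if (++live[b] > dist[b]) dist[b] = live[b];
    }
    return 0;
}
int main(void) {
    int dist[NBUCKETS];
    if (tune_dist(sample, sizeof sample / sizeof sample[0], dist) != 0) return 1;
    printf("payload bytes for sample trace: %zu\n", payload_bytes(dist));
    return 0;
}
```

A request larger than the biggest bucket makes `tune_dist` return -1, which in this model signals that the bucket list itself, not only the distribution, needs another entry.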
