In the https://www.wolfssl.com/files/flyers/wo … ce_use.pdf I could see the peak usage of RAM for different settings.
Is there any such memoy reference available if I use Static Memory only for PKCS7 type RSA2048 signature verification?
My application only does signature verification and root of trust certificate (DER format) verification of the firmware.
Static Config: Static configuration defines in user_settings.h:
#define WOLFSSL_STATIC_MEMORY
#define WOLFSSL_STATIC_MEMORY
#define WOLFSSL_NO_MALLOC
#define WOLFSSL_STATIC_MEMORY_SMALL
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define WOLFCRYPT_ONLY
#define WOLFSSL_GENERAL_ALIGNMENT 4
#define SINGLE_THREADED
#define SIZEOF_LONG_LONG 8
#ifdef __RSA__
#define WC_RSA_NO_PADDING
#define WC_RSA_PSS
/* WC_RSA_BLINDING: Enables blinding mode, to prevent timing attacks. */
#define WC_RSA_BLINDING
#define RSA_LOW_MEM
#define FP_MAX_BITS 4096
#define WOLFSSL_RSA_VERIFY_INLINE
#define WC_NO_RSA_OAEP
#endif
#ifdef __ECC__
#define HAVE_ECC
#define ECC_SHAMIR
#define TFM_ECC256
/* ECC_TIMING_RESISTANT: ECC specific timing resistance. */
#define ECC_TIMING_RESISTANT
#define NO_ECC_CHECK_KEY
#define NO_RSA
#define HAVE_X963_KDF
#endif
#ifdef __SHA512__
#define WOLFSSL_SHA512
#endif
#ifdef __SHA384__
#define WOLFSSL_SHA384
#endif
/* PKCS7 specific */
#define NO_PKCS7_STREAM
#define HAVE_PKCS7
#define HAVE_AES_KEYWRAP
#define WOLFSSL_AES_DIRECT
/* Signature specific */
#define ASN_BER_TO_DER
/* Remove Features */
#define WOLFSSL_NO_SOCK
#define NO_WRITEV
#define NO_FILESYSTEM
#define NO_MAIN_DRIVER
#define NO_MD4
#define NO_RABBIT
#define NO_HC128
#define NO_PWDBASED
#define NO_PSK
#define NO_OLD_TLS
#define NO_DES3
#define NO_MD5
#define NO_RC4
#define NO_DH
#define NO_CMAC
#define NO_CODING
#define WOLFSSL_NO_PEM
#define NO_ASN_TIME
#define NO_RC4
#define NO_DSA
#define NO_SIG_WRAPPER
#define NO_SESSION_CACHE
#define NO_OLD_RNGNAME
#define NO_WOLFSSL_DIR
#define WOLFSSL_IGNORE_FILE_WARN
#define NO_ERROR_STRINGS
#define BENCH_EMBEDDED
#define NO_CRYPT_TEST
#define NO_CRYPT_BENCHMARK
#ifdef USE_FAST_MATH
# define WC_NO_HARDEN
#endif
ALL OTHER DEFINE OPTIONS default
WOLFCRYPT_ONLY, WOLFSSL_STATIC_MEMORY, WOLFSSL_NO_MALLOC, USE_FAST_MATH
With my current static onfiguration on a cortex m4 device I have to provide at least 17000 bytes of static buffer for wc_PKCS7_VerifySignedData for a RSA2048 signature verification. The final RAM usage (static + stack) is about 65Kbytes.
Does this RAM usage looks normal in Static configuration? Are there any Static reference projects?