Open valeriosetti opened 1 week ago
As the key store design is getting a bit complex, I've written a design document in https://github.com/Mbed-TLS/mbedtls/pull/9309 . It's aligned with this pull request (if not, I made a mistake somewhere, please let me know), except that I've documented MBEDTLS_PSA_KEY_SLOT_BUFFER_SIZE as a publicly configurable option as discussed above.
Description
This PR proposes an alternative solution for key slots which preallocates all the required buffers instead of dynamically allocating them at runtime. A new build symbol named MBEDTLS_PSA_STATIC_KEY_SLOTS is used for this purpose and it's disabled by default so that it cannot affect normal Mbed TLS users. This change helps removing the code required to manage heap memory in embedded applications (assuming no other component is using heap, of course) and therefore reducing ROM footprint. This comes with a slightly higher RAM usage, of course, but this can optionally be fine tuned using MBEDTLS_PSA_KEY_SLOT_COUNT.
Background
p256-m driver was recently added to Zephyr as alternative to TinyCrypt for secp256r1. Albeit p256-m claimed to have a smaller footprint compared to TinyCrypt results showed that this does not hold if standard PSA interface provided by Mbed TLS is used to access this driver. Here's a comparison of an ad-hoc test program that was added to Zephyr performing the same operations on secp256r1 curve (2x key derivation + 1x key agreement) with Mbed TLS and TinyCrypt
Digging a bit into the generated binaries it turned out that Mbed TLS had a larger footprint than TinyCrypt because of:
p256-m driver;
The latter is not present in TinyCrypt and most of it (around 2kB) is due to heap management code enabled in the Zephyr core.
Results
With this patch in place it is possible to get rid of extra heap management code (assuming no one else is using it in the program, of course). Here's the same example used before built with this patch:
There's clearly a 2.4 kB ROM code reduction at the expense of a larger RAM usage. However RAM usage can be further reduced by overriding default MBEDTLS_PSA_KEY_SLOT_COUNT if the developer knows a-priori the amount of keys that are needed for the application.
PR checklist
Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")
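The trade-off described in this pull request, as an added sketch that is not code from the PR or from Mbed TLS: a fixed pool of preallocated key slots with no heap calls, where RAM cost is set at build time and both oversized keys and pool exhaustion are explicit errors. `SLOT_COUNT`, `SLOT_BUFFER_SIZE`, `key_slot_t` and the `slot_*` functions are hypothetical names and values chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical names and values for illustration; not Mbed TLS code. */
#define SLOT_COUNT       4   /* plays the role of MBEDTLS_PSA_KEY_SLOT_COUNT */
#define SLOT_BUFFER_SIZE 32  /* plays the role of MBEDTLS_PSA_KEY_SLOT_BUFFER_SIZE */

typedef struct {
    uint8_t in_use;
    size_t  len;
    uint8_t data[SLOT_BUFFER_SIZE];   /* preallocated: no malloc/free anywhere */
} key_slot_t;

static key_slot_t slots[SLOT_COUNT];  /* RAM cost is fixed at link time */

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void wipe(void *p, size_t n)
{
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}

/* Returns a slot index >= 0, -1 if the key does not fit, -2 if the pool is full. */
int slot_import(const uint8_t *key, size_t len)
{
    if (key == NULL || len == 0 || len > SLOT_BUFFER_SIZE)
        return -1;                    /* reject instead of truncating or overflowing */
    for (int i = 0; i < SLOT_COUNT; i++) {
        if (!slots[i].in_use) {
            memcpy(slots[i].data, key, len);
            slots[i].len = len;
            slots[i].in_use = 1;
            return i;
        }
    }
    return -2;                        /* no heap fallback: exhaustion is an error */
}

/* Returns 0 on success, -1 for an invalid or empty slot. */
int slot_destroy(int id)
{
    if (id < 0 || id >= SLOT_COUNT || !slots[id].in_use)
        return -1;
    wipe(&slots[id], sizeof slots[id]);  /* key bytes do not linger in the pool */
    return 0;
}

/* Total RAM reserved for key material and bookkeeping, used or not. */
size_t slot_pool_ram(void) { return sizeof slots; }
```

Lowering `SLOT_COUNT` shrinks `slot_pool_ram()` proportionally, which is the tuning knob the description refers to.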