|
From: | Noam Weissman |
Subject: | Re: [lwip-users] Building mbedtls using LWIP library :: Handshake takes too long |
Date: | Thu, 8 Jun 2017 15:30:11 +0000 |
Hi Antonio, mbedTLS uses memory allocation (malloc, free…)
There are defines in mbedTLS code if you want to use system memory allocation or something else. System allocation means malloc, free etc… Another memory manager can be using LwIP memory allocation functions or OS memory allocation functions etc… FreeRTOS normally uses their own memory manager.
If you use the default memory allocation function check that you have a heap sufficient for SSL .. sufficient means
minimum 40-45K RAM and up. I found that the hard way… did not work for me (at start). Another problem that I had is that mbedTLS uses system IO… as we are using an embedded micro there is normally no STDIO and you cannot use printf, gets functions etc.
ST is suppling a retarget.c file but you need to hook the functions to your UART or other device. See PUTCHAR_PROTOTYPE macro for putc function. I am using STM32F4xx and STM32F7xx … these micro’s have a main memory and a fast memory CCM/TCM .. I assigned All of the CCM (64K) for heap. Good luck, Noam. From: lwip-users [mailto:lwip-users-bounces+address@hidden
On Behalf Of Antonio Gonga Hi Noam, Thanks for your answer. >>Do you use any external SDRAM or just the M3 own memory ?. I do not have an external SDRAM yet. My application still uses the Demos /programs/ssl/ssl_server/client, which I believe is fairly simple. and need not much memory.
I am using the Demo examples. The connection is established, the handshake is what takes too much time.
The LWIP layer works since I can see TCP connection establishment messages on wireshark, and also the initial handshake messages. once again thanks, I will keep debugging.
--- From: lwip-users <lwip-users-bounces+address@hidden>
on behalf of Noam Weissman <address@hidden> Hi, Do you use any external SDRAM or just the M3 own memory ?... If you do not have any extra RAM I do not see how you can run HTTPS.. you need around 100-200K RAM to run HTTPS for one page. The estimate is based that your page hase one or more JS files, one or more images, one or more CSS files… in all you need 4-6 connections to load a single page and that needs lots of RAM. Every SSL connection needs 16K for receive and 16K for transmit + some overhead. If you tweak mbedTLS and use a smaller send buffer you may save on RAM but still need about 20+K RAM for
a connection… multiply that by 4-6 that’s a lot.
As for hardware acceleration… some M3 have DES, AES, SHA, CRC and RNG engines. This may help but It is not related to big numbers, as far as I understand. Have you been able to run the SSL server demo from mbedTLS ?... If not then I suggest first run the demo And then work on your own code. Good luck, Noam.
From: lwip-users [mailto:lwip-users-bounces+address@hidden]
On Behalf Of antonio Hi all, I am trying to port mbedTLS to work with my embedded device. My problem is that the handshake procedure never completes, therefore, I am unable to have any HTTPS communication. Further debugging, I noticed
that the math computations are taking too long (bignum.c). Is there a way to avoid such a mess ? I am using MC "arm-cortex-m3", which I believe can achieve fast computations. Any kind of optimizations etc is kindly welcome. /Antonio
View this message in context:
Re: Building mbedtls using LWIP library :: Handshake takes too long |
[Prev in Thread] | Current Thread | [Next in Thread] |