- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I'm struggling with the memory allocation using the PolarSSL functions to perform a modular exponentiation with a 3072 bits modulus.
The pool allocator doesn't look to be optimized to such cases (Allocating 384 and 768 bytes).
What is the maximum key size supported for RSA like operations and what would be the way to have them working properly ?
Thank you.
Solved! Go to Solution.
- Labels:
-
Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The library supports up to 4096 bits. Did you try changing the application thread stack size (default is 1024 bytes) using blecm_SetApplicationThreadStackSizeInWords() and the pool block size/number using cfa_mm_ConfigureMemoryPool()? See ota_secure_firmware_update/hello_sensor.c sample for an example to configure these buffers (thread_and_mem_mgmt.h in SDK 2.1).
Edit: Corrected typo in number of bits supported.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The library supports up to 4096 bits. Did you try changing the application thread stack size (default is 1024 bytes) using blecm_SetApplicationThreadStackSizeInWords() and the pool block size/number using cfa_mm_ConfigureMemoryPool()? See ota_secure_firmware_update/hello_sensor.c sample for an example to configure these buffers (thread_and_mem_mgmt.h in SDK 2.1).
Edit: Corrected typo in number of bits supported.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I did change the stack size to 4K and try to play with the pool allocator sizes.
PolarSSL is allocating (for 3K modulus) buffers of +/- 384 and +/- 768 bytes. (384 bytes corresponding to 3072 bits).
I've seen that by using my own allocator function:
void* myAlloc(size_t size) { ble_trace1("Alloc(%u)", size); void* nptr = cfa_mm_Alloc(size); if (nptr == NULL) ble_trace0("unable to alloc!!"); return nptr; } void MyTestFunc(void) { mpi res, a, e, m; // Use my allocator brcmcryptoglue_set_allocator(myAlloc); // Initialize a, e, m; // perform a^e mod m; mpi_exp_mod(&res, &a, &e, &m, NULL); }
Or if I for example set the last pool (CFA_MM_POOL_2) to 780, which is the highest allocation size required, when PolarSSL requires a buffer of 384 the pool will give him a block of 780 (the smallest one that fits) and of course allocating a lot of 780 blocks will just kill the memory.
Does anybody have an example working for such case ?
Thank you.