Hi Antonio, mbedTLS uses memory allocation (malloc, free...)
There are defines in mbedTLS code if you want to use system memory allocation or something else. System allocation means malloc, free etc... Another memory manager can be using LwIP memory allocation functions or OS memory allocation functions etc... FreeRTOS normally uses their own memory manager. If you use the default memory allocation function check that you have a heap sufficient for SSL .. sufficient means minimum 40-45K RAM and up. I found that the hard way... did not work for me (at start). Another problem that I had is that mbedTLS uses system IO... as we are using an embedded micro there is normally no STDIO and you cannot use printf, gets functions etc. ST is suppling a retarget.c file but you need to hook the functions to your UART or other device. See PUTCHAR_PROTOTYPE macro for putc function. I am using STM32F4xx and STM32F7xx ... these micro's have a main memory and a fast memory CCM/TCM .. I assigned All of the CCM (64K) for heap. Good luck, Noam. From: lwip-users [mailto:[email protected]] On Behalf Of Antonio Gonga Sent: Thursday, June 08, 2017 4:53 PM To: Mailing list for lwIP users Subject: Re: [lwip-users] Building mbedtls using LWIP library :: Handshake takes too long Hi Noam, Thanks for your answer. >>Do you use any external SDRAM or just the M3 own memory ?. I do not have an external SDRAM yet. My application still uses the Demos /programs/ssl/ssl_server/client, which I believe is fairly simple. and need not much memory. >>Have you been able to run the SSL server demo from mbedTLS ? I am using the Demo examples. The connection is established, the handshake is what takes too much time. The LWIP layer works since I can see TCP connection establishment messages on wireshark, and also the initial handshake messages. once again thanks, I will keep debugging. --- Best Regards, /António, KTH Royal Institute of Technology/Sweden ------------------------- ________________________________ From: lwip-users <[email protected]<mailto:[email protected]>> on behalf of Noam Weissman <[email protected]<mailto:[email protected]>> Sent: Thursday, June 8, 2017 15:09 To: Mailing list for lwIP users Subject: Re: [lwip-users] Building mbedtls using LWIP library :: Handshake takes too long Hi, Do you use any external SDRAM or just the M3 own memory ?... If you do not have any extra RAM I do not see how you can run HTTPS.. you need around 100-200K RAM to run HTTPS for one page. The estimate is based that your page hase one or more JS files, one or more images, one or more CSS files... in all you need 4-6 connections to load a single page and that needs lots of RAM. Every SSL connection needs 16K for receive and 16K for transmit + some overhead. If you tweak mbedTLS and use a smaller send buffer you may save on RAM but still need about 20+K RAM for a connection... multiply that by 4-6 that's a lot. As for hardware acceleration... some M3 have DES, AES, SHA, CRC and RNG engines. This may help but It is not related to big numbers, as far as I understand. Have you been able to run the SSL server demo from mbedTLS ?... If not then I suggest first run the demo And then work on your own code. Good luck, Noam. From: lwip-users [mailto:[email protected]] On Behalf Of antonio Sent: Thursday, June 08, 2017 10:31 AM To: [email protected]<mailto:[email protected]> Subject: Re: [lwip-users] Building mbedtls using LWIP library :: Handshake takes too long Hi all, I am trying to port mbedTLS to work with my embedded device. My problem is that the handshake procedure never completes, therefore, I am unable to have any HTTPS communication. Further debugging, I noticed that the math computations are taking too long (bignum.c). Is there a way to avoid such a mess ? I am using MC "arm-cortex-m3", which I believe can achieve fast computations. Any kind of optimizations etc is kindly welcome. /Antonio ________________________________ View this message in context: Re: Building mbedtls using LWIP library :: Handshake takes too long<http://lwip.100.n7.nabble.com/Building-mbedtls-using-LWIP-library-tp29319p29856.html> Sent from the lwip-users mailing list archive<http://lwip.100.n7.nabble.com/lwip-users-f3.html> at Nabble.com.
_______________________________________________ lwip-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/lwip-users
