Important changes to forums and questions
All forums and questions are now archived. To start a new conversation or read the latest updates go to forums.mbed.com.
2 years, 3 months ago.
RAM requirements mbed TLS with CA certificate chain verification
The mbedtls forum seems to be a bit quiet at the moment but maybe someone here can help me.
What are the memory requirements for mbed TLS when verifying a CA certificate (x.509) of a server? I believe this setting is switched on using MBEDTLS_SSL_VERIFY_REQUIRED in mbedtls_ssl_conf_authmode().
Is the whole chain loaded in RAM and verified at once or are the certificates loaded in RAM one by one? Or is this something that can be switched using a setting? This has quite some impact on the required RAM in case of a long certificate chain.
2 years, 3 months ago.
first, certificate verification is performed if the authentication mode, as configured by
mbedtls_ssl_conf_authmode, is either
MBEDTLS_SSL_VERIFY_OPTIONAL. The difference is in how the result of the verification affects the ongoing handshake: For
MBEDTLS_SSL_VERIFY_REQUIRED, the handshake stops immediately, while for
MBEDTLS_SSL_VERIFY_OPTIONAL, it is up to the application using Mbed TLS to inspect the failure flags and to decide if it considers them tolerable or not, or alternative to report them appropriately before failing.
Regarding the RAM usage, your right in that currently the CA chain needs to be present in RAM, for two reasons:
- Firstly, handshake messages are currently entirely reassembled in RAM before being passed to the respective parsing functions. In particular, even if the certificate handshake message is implicitly (TLS) or explicitly (DTLS) fragmented, there will always be a contiguous buffer allocated in RAM large enough to hold the whole message.
- Secondly, the certificate verification routine expects the CRT chain as well as list of trusted CA's to be present in RAM at the time of verification.
We are currently working on some alternative messaging infrastructure that allows for gradual message processing, so while I cannot make promises, there's hope we can cut down the RAM usage for CRT chains and CRT verification in the future.
I hope this helps - please feel free to ask more questions,
Hanno, Mbed TLS team member