Hi Joel, thanks a lot for pointing that to us. We would probably prefer not adding a new configuration option for this. I have created the issue 6220 to investigate how we could address this performance regression. We have rapidly discussed on possible solutions (see solution hints). Would you be able to experiment with the first proposition to see if it makes a difference on your board ?
Thanks, Ronald.
-----Original Message----- From: joel.petersson--- via mbed-tls mbed-tls@lists.trustedfirmware.org Sent: 22 August 2022 13:23 To: mbed-tls@lists.trustedfirmware.org Subject: [mbed-tls] Adding option to disable the zeroisation of internal buffers
After recently updating mbedtls I noticed a considerable slowdown (over 70% on my cortex-m7 board) in the sha256 implementation, and after some digging I found the offending commit: https://github.com/Mbed-TLS/mbedtls/commit/76749aea784cfec245390d0d6f0ab0a2d...
I understand the motivation behind the commit, but I think it may not be relevant to all use cases. So my question is if an option to disable the clearing of internal buffers in mbedtls_config.h would be a reasonable improvement? Or would that be considered to much of a foot gun? Regards, Joel Petersson