Re: [mbed-tls] Reduce mbedTLS memory and storage footprint - mbed-tls

27 Jan 2021


      Hello,
The most important thing is to make sure you've disabled all the
features you don't need in config.h. The default configuration enables
most cryptographic mechanisms, but typical constrained systems usually
only need a few.
If your toolchain supports it, use link-time optimization (e.g. gcc -Os
-flto or clang -Oz -flto). I've seen that this makes a significant
improvement for Mbed TLS (I got -30% on one build, obviously the numbers
depend heavily on the configuration and the compiler). (In contrast LTO
when optimizing for performance doesn't seem to improve anything.)
MBEDTLS_MPI_WINDOW_SIZE, MBEDTLS_MPI_MAX_SIZE and MBEDTLS_ECP_MAX_BITS
only impact memory usage (stack and heap), not code size.
-- 
Gilles Peskine
Mbed TLS developer

On 27/01/2021 05:36, T V LIJIN (EXT) via mbed-tls wrote:
> Hi,
> I'm trying to optimize the size of my binary file by making the
> following changes in "*mbedtls/config.h*"
>
> #define MBEDTLS_MPI_WINDOW_SIZE            1
> #define MBEDTLS_MPI_MAX_SIZE            32
> #define MBEDTLS_ECP_MAX_BITS            256
> #define MBEDTLS_SHA256_SMALLER
>
> Even after making the above changes I couldn't see any change in the
> binary size. 
> https://tls.mbed.org/kb/how-to/reduce-mbedtls-memory-and-storage-footprint
> - This is the link I referred to follow the above-mentioned steps.
> Is there anything else I can try to reduce my final binary file size
> (ROM size) ?
>
>
> Thanks,
> LIJIN T V
>