The mbed TLS backend provides functionality to use the selected cryptographic algorithms from mbed TLS in nrf_crypto.
Note: All APIs in this backend are intended to be internal to nrf_crypto.
Configuration
See Configuring nrf_crypto frontend and backends for details on enabling this backend.
Available frontend API
See Cryptography library - nrf_crypto for information about which nrf_crypto APIs can use this backend.
Memory management in mbed TLS
The mbed TLS library assumes that memory is allocated on the heap or in a structure that behaves similarly. Allocation on the stack is not possible if this backend is enabled. Therefore, NRF_CRYPTO_ALLOCATOR must be configured accordingly.
The mbed TLS library requires a lot of memory for elliptic curve cryptography (ECC). The number and size of the allocated blocks depend on the selected curve type and on the API used. The following tables give estimates of the minimal memory configuration, assuming that the nRF5 SDK Memory Manager is used. For each curve, the tables have two columns: the first is the block size and the second is the number of blocks of that size that are required.
Curves standardized by NIST:
NIST and Koblitz curves up to ...

| | 192 bits: block size | 192 bits: number of blocks | 224 bits: block size | 224 bits: number of blocks | 256 bits: block size | 256 bits: number of blocks | 384 bits: block size | 384 bits: number of blocks | 521 bits: block size | 521 bits: number of blocks |
|---|---|---|---|---|---|---|---|---|---|---|
| Key pair generation and public key computation | 4 | 7 | 4 | 7 | 4 | 7 | 4 | 6 | 4 | 7 |
| | 24 | 58 | 28 | 50 | 32 | 58 | 48 | 105 | 68 | 106 |
| | 48 | 19 | 32 | 30 | 64 | 19 | 96 | 35 | 136 | 35 |
| | 180 | 1 | 56 | 19 | 180 | 1 | 372 | 1 | 372 | 1 |
| | 576 | 1 | 180 | 1 | 576 | 1 | 1152 | 1 | 1152 | 1 |
| | | | 576 | 1 | | | | | | |
| ECDH | 4 | 6 | 4 | 7 | 4 | 7 | 4 | 7 | 4 | 7 |
| | 24 | 33 | 28 | 27 | 32 | 33 | 48 | 57 | 68 | 57 |
| | 48 | 11 | 32 | 15 | 64 | 11 | 96 | 19 | 136 | 19 |
| | 84 | 1 | 56 | 11 | 84 | 1 | 180 | 1 | 180 | 1 |
| | 288 | 1 | 84 | 1 | 288 | 1 | 576 | 1 | 576 | 1 |
| | | | 288 | 1 | | | | | | |
| ECDSA | 4 | 7 | 4 | 7 | 4 | 8 | 4 | 8 | 4 | 8 |
| | 24 | 65 | 28 | 53 | 32 | 65 | 48 | 113 | 68 | 113 |
| | 48 | 11 | 32 | 40 | 64 | 11 | 96 | 27 | 136 | 31 |
| | 52 | 3 | 56 | 11 | 68 | 3 | 100 | 3 | 144 | 1 |
| | 56 | 1 | 60 | 3 | 72 | 1 | 104 | 1 | 200 | 1 |
| | 72 | 1 | 64 | 1 | 96 | 1 | 144 | 1 | 264 | 4 |
| | 96 | 2 | 84 | 1 | 128 | 2 | 192 | 2 | 576 | 1 |
| | 100 | 3 | 112 | 2 | 132 | 3 | 196 | 3 | 1152 | 1 |
| | 288 | 1 | 116 | 3 | 288 | 1 | 576 | 1 | | |
| | 576 | 1 | 288 | 1 | 576 | 1 | 1152 | 1 | | |
| | | | 576 | 1 | | | | | | |
| Private key | 24 | 1 | 28 | 1 | 32 | 1 | 48 | 1 | 68 | 1 |
| Public key | 48 | 3 | 56 | 3 | 64 | 3 | 96 | 3 | 72 | 1 |
| | | | | | | | | | 136 | 1 |
Other curves:
| | Curve25519: block size | Curve25519: number of blocks | Brainpool up to 256 bits: block size | Brainpool up to 256 bits: number of blocks | Brainpool up to 384 bits: block size | Brainpool up to 384 bits: number of blocks | Brainpool up to 512 bits: block size | Brainpool up to 512 bits: number of blocks |
|---|---|---|---|---|---|---|---|---|
| Key pair generation and public key computation | 4 | 9 | 4 | 6 | 4 | 7 | 4 | 7 |
| | 32 | 7 | 32 | 58 | 48 | 106 | 64 | 105 |
| | 36 | 4 | 64 | 20 | 96 | 36 | 128 | 36 |
| | 64 | 8 | 68 | 3 | 100 | 3 | 132 | 3 |
| | | | 72 | 1 | 104 | 1 | 136 | 1 |
| | | | 180 | 1 | 372 | 1 | 372 | 1 |
| | | | 576 | 1 | 1152 | 1 | 1152 | 1 |
| ECDH | 4 | 9 | 4 | 7 | 4 | 7 | 4 | 7 |
| | 32 | 7 | 32 | 31 | 48 | 57 | 64 | 56 |
| | 36 | 2 | 64 | 12 | 96 | 20 | 128 | 20 |
| | 64 | 8 | 68 | 3 | 100 | 3 | 132 | 3 |
| | | | 72 | 1 | 104 | 1 | 136 | 1 |
| | | | 84 | 1 | 180 | 1 | 180 | 1 |
| | | | 288 | 1 | 576 | 1 | 576 | 1 |
| ECDSA | N/A | N/A | 4 | 8 | 4 | 8 | 4 | 8 |
| | | | 32 | 63 | 48 | 113 | 64 | 112 |
| | | | 64 | 16 | 96 | 32 | 128 | 32 |
| | | | 68 | 3 | 100 | 3 | 132 | 3 |
| | | | 72 | 1 | 104 | 1 | 136 | 1 |
| | | | 96 | 1 | 144 | 1 | 192 | 1 |
| | | | 128 | 2 | 192 | 2 | 256 | 2 |
| | | | 132 | 3 | 196 | 3 | 260 | 3 |
| | | | 288 | 1 | 576 | 1 | 576 | 1 |
| | | | 576 | 1 | 1152 | 1 | 1152 | 1 |
| Private key | 32 | 1 | 32 | 1 | 48 | 1 | 64 | 1 |
| Public key | 64 | 2 | 64 | 3 | 96 | 3 | 68 | 1 |
| | | | | | | | 128 | 2 |
These are minimal values. The application should configure larger values to leave room for additional allocations.
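As an added illustration (not code from the SDK or from this page), the following host-side C program turns the 256-bit NIST column of the tables above into per-pool block counts for a fixed-block allocator. The pool block sizes, the smallest-fitting-pool policy, and the premise that key generation and ECDSA never run at the same time are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>

#define LEN(a) (sizeof (a) / sizeof *(a))
typedef struct { unsigned size, count; } req_t;

/* 256-bit NIST column of the tables above: {block size, number of blocks}. */
static const req_t keygen[] = {{4,7},{32,58},{64,19},{180,1},{576,1}};
static const req_t ecdsa[]  = {{4,8},{32,65},{64,11},{68,3},{72,1},{96,1},
                               {128,2},{132,3},{288,1},{576,1}};

/* Hypothetical pool block sizes, ascending (assumed, not SDK defaults). */
#define N_POOLS 5
static const unsigned pool_size[N_POOLS] = {32, 64, 128, 320, 640};

/* Charge each row to the smallest pool that fits it, then raise plan[] to the
 * per-pool peak. Returns -1, leaving plan[] untouched, if a block fits no pool. */
int add_operation(const req_t *req, size_t n, unsigned plan[N_POOLS])
{
    unsigned need[N_POOLS] = {0};
    for (size_t i = 0; i < n; i++) {
        size_t p = 0;
        while (p < N_POOLS && pool_size[p] < req[i].size) p++;
        if (p == N_POOLS) return -1;
        need[p] += req[i].count;
    }
    for (size_t p = 0; p < N_POOLS; p++) if (need[p] > plan[p]) plan[p] = need[p];
    return 0;
}

/* Total pool storage, in the same units as the table's block sizes. */
unsigned long total_size(const unsigned plan[N_POOLS])
{
    unsigned long t = 0;
    for (size_t p = 0; p < N_POOLS; p++) t += (unsigned long)plan[p] * pool_size[p];
    return t;
}

int main(void)
{
    unsigned plan[N_POOLS] = {0};
    if (add_operation(keygen, LEN(keygen), plan) || add_operation(ecdsa, LEN(ecdsa), plan)) return 1;
    for (size_t p = 0; p < N_POOLS; p++) printf("pool %u: %u blocks\n", pool_size[p], plan[p]);
    printf("total: %lu\n", total_size(plan));
    return 0;
}
```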