mbedTLS 2.16.3-cesanta9: Optimize ECP performance by inlining MPI val…

…ues in a few key places ECDHE-ECDSA handshake is now a lot faster and memory footprint is actually lower because usage moved to stack. ECDHE-RSA handshake uses about 1K more at peak and is also faster though not as dramatically (the ECDHE phase). PUBLISHED_FROM=92e096855f165d09a72b7dc9f15d7931a6bf06c8
mongoose-os-libs · Jan 22, 2020 · ec0fd0c · ec0fd0c
1 parent 9637f90
commit ec0fd0c
Show file tree

Hide file tree

Showing 5 changed files with 69 additions and 10 deletions.
diff --git a/mbedtls/include/mbedtls/bignum.h b/mbedtls/include/mbedtls/bignum.h
@@ -84,6 +84,14 @@
 
 #define MBEDTLS_MPI_MAX_BITS                              ( 8 * MBEDTLS_MPI_MAX_SIZE )    /**< Maximum number of bits for usable MPIs. */
 
+#ifndef MBEDTLS_MPI_INLINE_BITS
+#define MBEDTLS_MPI_INLINE_BITS 256
+#endif
+#if MBEDTLS_MPI_INLINE_BITS % 64 != 0
+#error Invalid MBEDTLS_MPI_INLINE_BITS
+#endif
+#define MBEDTLS_MPI_INLINE_LIMBS (MBEDTLS_MPI_INLINE_BITS / 8 / (sizeof(mbedtls_mpi_uint)))
+
 /*
  * When reading from files with mbedtls_mpi_read_file() and writing to files with
  * mbedtls_mpi_write_file() the buffer should have space
@@ -184,12 +192,30 @@ extern "C" {
  */
 typedef struct mbedtls_mpi
 {
-    int s;              /*!<  integer sign      */
-    size_t n;           /*!<  total # of limbs  */
-    mbedtls_mpi_uint *p;          /*!<  pointer to limbs  */
+    int8_t s;                  /*!<  integer sign      */
+    uint8_t inline_buf_size;   /*!<  size of the inline buffer. */
+    uint16_t n;                /*!<  total # of limbs  */
+    mbedtls_mpi_uint *p;       /*!<  pointer to limbs. either points to buf if the number is inlined or to a heap-allocated region.  */
+    mbedtls_mpi_uint inline_buf[0];   /*!<  inline buffer, if any. extends for inline_buf_size limbs past the end of the struct. must be at the end. */
 }
 mbedtls_mpi;
 
+/* mbedtls_mpi with MBEDTLS_MPI_INLINE_LIMBS inline limbs. */
+typedef struct mbedtls_mpi_inline
+{
+    mbedtls_mpi N;
+    mbedtls_mpi_uint inline_buf[MBEDTLS_MPI_INLINE_LIMBS];
+}
+mbedtls_mpi_inline;
+
+/* MPI with twice as many inline limbs. Used to store multiplication results. */
+typedef struct mbedtls_mpi_inline2
+{
+    mbedtls_mpi N;
+    mbedtls_mpi_uint inline_buf[MBEDTLS_MPI_INLINE_LIMBS * 2];
+}
+mbedtls_mpi_inline2;
+
 /**
  * \brief           Initialize an MPI context.
  *
@@ -199,6 +225,16 @@ mbedtls_mpi;
  * \param X         The MPI context to initialize. This must not be \c NULL.
  */
 void mbedtls_mpi_init( mbedtls_mpi *X );
+inline static void mbedtls_mpi_init_inline( mbedtls_mpi_inline *X )
+{
+    mbedtls_mpi_init(&X->N);
+    X->N.inline_buf_size = MBEDTLS_MPI_INLINE_LIMBS;
+}
+inline static void mbedtls_mpi_init_inline2( mbedtls_mpi_inline2 *X )
+{
+    mbedtls_mpi_init(&X->N);
+    X->N.inline_buf_size = MBEDTLS_MPI_INLINE_LIMBS * 2;
+}
 
 /**
  * \brief          This function frees the components of an MPI context.
@@ -255,6 +291,11 @@ int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
  * \return         Another negative error code on other kinds of failure.
  */
 int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
+inline static int mbedtls_mpi_copy_inline( mbedtls_mpi_inline *X, const mbedtls_mpi *Y )
+{
+    X->N.inline_buf_size = MBEDTLS_MPI_INLINE_LIMBS;
+    return mbedtls_mpi_copy(&X->N, Y);
+}
 
 /**
  * \brief          Swap the contents of two MPIs.

diff --git a/mbedtls/include/mbedtls/config.h b/mbedtls/include/mbedtls/config.h
@@ -3040,6 +3040,15 @@
 /* MPI / BIGNUM options */
 //#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum windows size used. */
 //#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
+#define MBEDTLS_MPI_INLINE_BITS            256 /* Up to 256-bit MPI operations will be much faster (good for ECP) with modest increase in memoory usage. */
+// Tock uptime: 27.54, RAM: 51536, 37612 free 23160 min fre
+//
+// Tock uptime: 11.32, RAM: 51520, 38180 free 23544 min free 25 0 sz 4 8 40 - 2.5s
+// Tick uptime: 37.00, RAM: 51536, 37704 free 24120 min free sz 4 8 40
+//
+// Tock uptime: 18.50, RAM: 51536, 38468 free 13584 min free - 7 sec
+// Tick uptime: 8.23, RAM: 51520, 38960 free 12152 min free 0 0 sz 4 8 40 - 2.5s
+// Tock uptime: 19.14, RAM: 51536, 39236 free 12912 min free sz 4 8 40
 
 /* CTR_DRBG options */
 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */

diff --git a/mbedtls/include/mbedtls/ecp.h b/mbedtls/include/mbedtls/ecp.h
@@ -134,9 +134,18 @@ typedef struct mbedtls_ecp_curve_info
  */
 typedef struct mbedtls_ecp_point
 {
-    mbedtls_mpi X;          /*!< The X coordinate of the ECP point. */
-    mbedtls_mpi Y;          /*!< The Y coordinate of the ECP point. */
-    mbedtls_mpi Z;          /*!< The Z coordinate of the ECP point. */
+    union {
+      mbedtls_mpi X;          /*!< The X coordinate of the ECP point. */
+      mbedtls_mpi_inline Xi;
+    };
+    union {
+      mbedtls_mpi Y;          /*!< The Y coordinate of the ECP point. */
+      mbedtls_mpi_inline Yi;
+    };
+    union {
+      mbedtls_mpi Z;          /*!< The Z coordinate of the ECP point. */
+      mbedtls_mpi_inline Zi;
+    };
 }
 mbedtls_ecp_point;
 

diff --git a/mbedtls/include/mbedtls/version.h b/mbedtls/include/mbedtls/version.h
@@ -47,9 +47,9 @@
  *    MMNNPP00
  *    Major version | Minor version | Patch version
  */
-#define MBEDTLS_VERSION_NUMBER         0x02100308
-#define MBEDTLS_VERSION_STRING         "2.16.3-cesanta8"
-#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.16.3-cesanta8"
+#define MBEDTLS_VERSION_NUMBER         0x02100309
+#define MBEDTLS_VERSION_STRING         "2.16.3-cesanta9"
+#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.16.3-cesanta9"
 
 #if defined(MBEDTLS_VERSION_C)
 

diff --git a/mos.yml b/mos.yml
@@ -1,7 +1,7 @@
 author: mongoose-os
 description: Implements SPI API on Mongoose OS
 type: lib
-version: 2.16.3-cesanta8
+version: 2.16.3-cesanta9
 
 sources:
   - src