You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mynewt.apache.org by marko kiiskila <ma...@runtime.io> on 2016/12/30 02:10:24 UTC

bootloader size with signed images

Hi,

would anyone mind if I dropped ECDSA224 support from the bootloader?

Here are the size comparisons:
targets/boot_nrf52
    app=@apache-mynewt-core/apps/boot
    bsp=@apache-mynewt-core/hw/bsp/nrf52dk
    build_profile=optimized
    syscfg=TIMER_0=0:UART_0=0

with ECDSA256:
objsize
   text	   data	    bss	    dec	    hex	filename
  10816	    352	   4376	  15544	   3cb8	/Users/marko/src2/incubator-mynewt-blinky/bin/targets/boot_nrf52/app/apps/boot/boot.elf

with ECDSA224:
objsize
   text	   data	    bss	    dec	    hex	filename
  23368	    144	   4376	  27888	   6cf0	/Users/marko/src2/incubator-mynewt-blinky/bin/targets/boot_nrf52/app/apps/boot/boot.elf

with RSA:
objsize
   text	   data	    bss	    dec	    hex	filename
  15288	     60	   4376	  19724	   4d0c	/Users/marko/src2/incubator-mynewt-blinky/bin/targets/boot_nrf52/app/apps/boot/boot.elf

For ECSDA256 I’m using the tinycrypt implementation, and this appears to
make the whole thing somewhat smaller.

Given that both are using curves coming from same source, we probably
wouldn’t lose much by dropping the shorter key version.

Unless, of course, someone is already using that. In which we should keep it.