For PSoC 6 MCU family of chips and Wi-Fi/BT connectivity chips that have limited flash and RAM footprint, there is a need to optimize the various connectivity middleware components to fit into kits that use these chips.
Examples include CY8CPROTO-062S3-4343W that has 512KB flash and 256KB SRAM.
The default lwIP and Mbed TLS configuration files bundled with the Wi-Fi Middleware Core have serveral features enabled for typical embedded IoT use cases. However, not all of these parameters are pertinent for every use case. The approach is to provide a set of such tunables that can be turned off in order to conserve memory, thus enabling the firmware to fit into the available flash and RAM.
The lwIP parameters are defined in lwipopts.h. Modify this header file to customize the lwIP parameters defined in the table below.
For Mbed TLS, a default config.h file is bundled with the Mbed TLS library. It is not recommended to modify the default config header file; you should modify the user-defined mbedtls_user_config.h file bundled with Wi-Fi Middleware Core. The approach is to update the mbedtls_user_config.h file to override the default behavior defined in the config.h file. Note that this mbedtls_user_config.h file has been tuned with several options to conserve memory for common embedded IoT use cases from the default config.h file, amounting to approx. 16KB of code memory savings. The following recommendations are additional optimizations.
The configurations listed below provide savings to one of the following: code memory, static RAM, or heap memory. Some parameters may save code memory at the cost of heap/SRAM.
The savings are mentioned in kilobytes, and are an estimate (computed in DEBUG build). Actual values may differ from the numbers provided below.
Configuration Parameter | Savings | Type of memory | Action needed | Notes |
---|---|---|---|---|
MBEDTLS_SSL_SRV_C | ~16KB | Code memory | Default:Enabled. To disable, #undef MBEDTLS_SSL_SRV_C in mbedtls_user_config.h | Enables the SSL/TLS server code. This configuration is used when device is expected to function as an SSL/TLS server and can be disabled if only run SSL/TLS client mode is required. |
MBEDTLS_SSL_CLI_C | ~14KB | Code memory | Default:Enabled. To disable, #undef MBEDTLS_SSL_CLI_C in mbedtls_user_config.h | Enables the SSL/TLS client code. This configuration is used when device is expected to function as an SSL/TLS client and can be disabled if only run SSL/TLS server mode is required. |
MBEDTLS_AES_ROM_TABLES | ~8.5KB | Static RAM | Default:Disabled. To enable, #define MBEDTLS_AES_ROM_TABLES in mbedtls_user_config.h | Enable this parameter to use precomputed AES tables stored in ROM. When disabled, the AES tables are generated in RAM at runtime. It comes at the cost of additional code memory and potentially degraded performance if ROM access is slower than RAM access. |
MBEDTLS_SSL_IN_CONTENT_LEN | ~8KB | Heap memory | Default:16384. To override, #define MBEDTLS_SSL_IN_CONTENT_LEN 8192 in mbedtls_user_config.h | Maximum length (in bytes) of incoming plaintext fragments. This determines the size of the incoming TLS I/O buffer in such a way that it is capable of holding the specified amount of plaintext data, regardless of the protection mechanism used. If it is known that the use case running on the device needs smaller-sized buffers (both for handshake and data), this parameter can be tuned to a lower value. The recommended value of 8192 is indicative and can be set lower/upper depending on the end use case. |
MBEDTLS_SSL_OUT_CONTENT_LEN | ~8KB | Heap memory | Default:16384. To override, #define MBEDTLS_SSL_OUT_CONTENT_LEN 8192 in mbedtls_user_config.h | Maximum length (in bytes) of incoming plaintext fragments. This determines the size of the outgoing TLS I/O buffer in such a way that it is capable of holding the specified amount of plaintext data, regardless of the protection mechanism used. If it is known that the use case running on the device needs smaller-sized buffers (both for handshake and data), this parameter can be tuned to a lower value. The recommended value of 8192 is indicative and can be set lower/upper depending on the end use case. |
MBEDTLS_CHACHA20_C MBEDTLS_CHACHAPOLY_C MBEDTLS_POLY1305_C | ~4KB | Code memory | Default:Enabled. To disable, #undef MBEDTLS_CHACHA20_C in mbedtls_user_config.h | These options enable support for ChaCha20 stream cipher, ChaCha20-Poly1305 AEAD algorithm and Poly1305 MAC algorithm respectively. These are generally used for HomeKit ADK library features. |
MBEDTLS_CAMELLIA_SMALL_MEMORY | ~1KB | Code memory | Default:Disabled. To enable, #define MBEDTLS_CAMELLIA_SMALL_MEMORY in mbedtls_user_config.h | This parameter is used to save code memory by using a small footprint Camellia implementation. Mutually exclusive to MBEDTLS_CAMELLIA_C below. |
MBEDTLS_CAMELLIA_C | ~7.5KB | Code memory | Default:Enabled. To enable, #define MBEDTLS_CAMELLIA_C in mbedtls_user_config.h | This parameter enables support for the fully featured Camellia cipher suites. Mutually exclusive to MBEDTLS_CAMELLIA_SMALL_MEMORY above. |
MBEDTLS_SHA256_SMALLER | ~1.6KB | Code memory | Default:Disabled. To enable, #define MBEDTLS_SHA256_SMALLER in mbedtls_user_config.h | Enabling this option saves code space but at the expense of performance. For example, on Cortex-M4 it reduces the size by approx 2KB for a performance hit of about 30%. |
Configuration Parameter | Savings | Type of memory | Action needed | Notes |
---|---|---|---|---|
LWIP_IPV6 | ~27KB | Code memory | Default:Enabled. To disable, #define LWIP_IPV6 0 in lwipopts.h | This parameter enables support for IPv6. |
~3.3KB | Static RAM | |||
LWIP_STATS | ~1.4KB | Code memory | Default:Disabled. To enable, #define LWIP_STATS 1 in lwipopts.h | Enabling this parameter, results in lwIP collecting debug and other statistic info. Enabled by default in DEBUG mode and disabled in RELEASE mode. |