Topic: wolfSSL embedded SSL configuration

Hi All,

I am testing wolfSSL for embedded devices with SSL. Could you please advise on the best configuration settings for runtime performance (i.e. speed)? We are running wolfSSL as pure software without any specific hardware support for crypto operations.

Especially for RSA there are a lot of configuration options to use different algorithms. In mpi_class.h I saw various configurations.

Thanks,
Yun

Re: wolfSSL embedded SSL configuration

Hi Yun,

For performance, we usually recommend configuring wolfSSL to use the fastmath library instead of the normal big integer library.  To do so, you can either use the "--enable-fastmath" ./configure option or define USE_FAST_MATH.

USE_FAST_MATH switches the big integer library to a faster one that uses assembly if possible.  fastmath will speed up public key operations like RSA, DH, and DSA.  The big integer library is generally the most portable and generally easiest to get going with, but the negatives to the normal big integer library are that it is slower and it uses a lot of dynamic memory.  Because the stack memory usage can be larger when using fastmath, we recommend defining TFM_TIMING_RESISTANT as well when using this option.

Best Regards,
Chris

Re: wolfSSL embedded SSL configuration

Hi Chris,

I am trying the USE_FAST_MATH and TFM_TIMING_RESISTANT configuration. We have a 32-bit processor; could you please further advise how to configure USE_FAST_MATH for a 32-bit processor? I have tried the following:

#undef FP_64BIT
#undef CRYPT 

and modified

typedef unsigned int  fp_digit 

to

typedef unsigned short fp_digit

Without this modification, I got the following compilation error:

ctaocrypt/src/tfm.c:105: warning: shifting an `unsigned long long' by 32 bits is undefined

However, using USE_FAST_MATH it was not faster for RSA, but even slower. So I assume that I am using the wrong configuration.

Additionally, I realized sizeof(mp_int) = 16 without the fast math lib, and sizeof(mp_int) = 552, is it correct?

Thanks, Yun

Re: wolfSSL embedded SSL configuration

Hi Yun,

What processor and environment are you using wolfSSL with?  Have you defined SIZEOF_LONG and SIZEOF_LONG_LONG to match those of your platform/compiler?

Thanks,
Chris

Re: wolfSSL embedded SSL configuration

Hi Chris,

Sorry for the late response! I am using a 32-bit processor environment and the lcc compiler. As far as I know, lcc does not have 64-bit support.

Without USE_FAST_MATH, I have the following configuration for the 32bit environment, and everything worked fine.

#define MP_16BIT
#define CHAR_BIT      8

Now, I added

#define SIZEOF_LONG 4
#define SIZEOF_LONG_LONG 4

I still got the warning:

ctaocrypt/src/tfm.c:105: warning: shifting an `unsigned long long' by 32 bits is undefined

In tfm.h, DIGIT_BIT is defined as

#define DIGIT_BIT  (int)((CHAR_BIT) * sizeof(fp_digit))

which is 32. So I cannot get rid of the above warning.

What shall I do to get USE_FAST_MATH working for a 32 bit environment?

Thanks, Yun

Re: wolfSSL embedded SSL configuration

Hi Yun,

Can you try defining NO_64BIT when building wolfSSL and let me know if it helps?

Thanks,
Chris
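
The constraint behind the warning discussed in this thread, as an added example (not wolfSSL code and not written by either poster): a multi-precision multiply needs an accumulator at least twice as wide as one digit, otherwise the carry shift by the digit width is undefined and products are truncated. The names digit_t, word_t, DIGIT_BITS and mp_mul_demo are hypothetical; a 16-bit digit with a 32-bit word is assumed, as a compiler without a 64-bit integer type would require.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical types for this example, not wolfSSL's own definitions:
 * 16-bit digit, 32-bit accumulator (unsigned long is >= 32 bits in C). */
typedef unsigned short digit_t;
typedef unsigned long  word_t;

#define DIGIT_BITS ((int)(CHAR_BIT * sizeof(digit_t)))

/* Build-time guard (C89 style): compilation fails with a negative array
 * size if the accumulator cannot hold digit*digit plus two carries. */
typedef char word_is_double_width[
    (sizeof(word_t) >= 2 * sizeof(digit_t)) ? 1 : -1];

/* Schoolbook multiply: r (2*n digits) = a (n digits) * b (n digits).
 * Digits are little-endian; r must not alias a or b. */
void mp_mul_demo(digit_t *r, const digit_t *a, const digit_t *b, size_t n)
{
    size_t i, j;

    for (i = 0; i < 2 * n; i++)
        r[i] = 0;

    for (i = 0; i < n; i++) {
        word_t carry = 0;
        for (j = 0; j < n; j++) {
            /* Worst case 0xFFFF*0xFFFF + 0xFFFF + 0xFFFF = 0xFFFFFFFF,
             * which fits only because word_t is double width. */
            word_t t = (word_t)a[i] * b[j] + r[i + j] + carry;
            r[i + j] = (digit_t)t;        /* low half stays in place */
            carry = t >> DIGIT_BITS;      /* high half moves up one digit */
        }
        r[i + n] = (digit_t)carry;
    }
}

int main(void)
{
    /* Constructed input: 0xFFFFFFFF squared, the worst case for carries. */
    digit_t a[2] = { 0xFFFF, 0xFFFF };
    digit_t r[4];

    mp_mul_demo(r, a, a, 2);
    printf("%04X%04X%04X%04X\n", r[3], r[2], r[1], r[0]);
    return 0;
}
```

If word_t were the same width as digit_t, the guard would stop the build instead of letting a public-key operation run on truncated products.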