Topic: how to build individual algorithms?

Hi, there

I need some hash functions and rsa(ecc) algorithm in wolfcrypt
- sha 256/512
- ecc

I try to build wolfssl according to manual.
It's done(very easily, thanks to you guys) but size of library was so huge....

1. how to build individual algorithms in wolfcrypto?
    (only includes sha256/512 and ecc)

2. if possible, how big is the library size?
    (my capacity is about 10K bytes...)


Re: how to build individual algorithms?

Hey Comomind,

The smallest wolfCrypt only ECC and SHA256/SHA512 can get is about 15K flash and 1K ram. That's because of the math required for ECC.

Typically the library is configured two ways:
1. Using automake and ./configure
2. Defining WOLFSSL_USER_SETTINGS and adding your own user_settings.h file.

A good example for a reference user_settings.h is here: … settings.h

Things you'll need to change from that example are:
1. Add "WOLFCRYPT_ONLY" to disable the TLS/SSL code. (or use ./configure --enable-cryptonly).
2. Remove HAVE_ECC192, HAVE_ECC224, HAVE_ECC384 and HAVE_ECC521 (so you are left with only the 256-bit curves).
3. Remove TFM_ECC192, TFM_ECC224, TFM_ECC384 and TFM_ECC521
4. Turn off RSA change line 101 to #if 0 (./configure --disable-rsa)
5. Turn off AES change line 117 to #if 0 (./configure --disable-aes)
6. Turn off ChaCha/Poly (./configure --disable-chacha --disable-poly1305)
7. Turn off hashing for Sah1. (./configure --disable-sha)
8. Turn off MD5 (./configure --disable-md5)
9. To adjust size vs. performance play with ECC_SHAMIR, ECC_TIMING_RESISTANT and TFM_TIMING_RESISTANT.
10. If you are only doing an ECC verify you can define the following to disable portions of the ECC code: "NO_ECC_SIGN", "NO_ECC_DHE" and "NO_ECC_KEY_EXPORT".