• j3g
  • Member
  • Offline
  • Registered: 2010-12-16
  • Posts: 24

Topic: custom build - common required files?

L.S. said:

However, it can be built smaller if you cut out some of the ciphers.  Some
guys on the OpenWRT project managed to build CyaSSL [wolfSSL] to around 15k.

The wolfSSL code is very compact and organized very well. As you said, to reduce size I'm stripping out ciphers. The problem lies in dependencies. While I am continuing my effort to discover the dependencies, I am hoping you can give some insights. I am trying to build the smallest embedded SSL library possible and only will be using these three features: AES, Diffie-Hellman, SHA-256. In essence my SSL library will support only one stream cipher: AES. The supported client will be built the same.

These are the source files I think I need:
tls.c
ssl.c
aes.c
dh.c
sha256.c
integer.c
random.c
misc.c

Questions:
asm.c - this is assembly for x86 optimization?

So far it appears that integer.o is 50k!?? So I assume adding DH is costly?

I would appreciate any insights.

Share

  • todd
  • Moderator
  • Offline
  • Registered: 2010-10-21
  • Posts: 98

Re: custom build - common required files?

You'll need all the source files in wolfssl/src except for sniffer.c, these comprise the TLS/SSL layer.

You'll also need the files you identified from wolfssl/wolfcrypt/src as well as some others.  Which cipher suite are you planning on using?  You'll probably need RSA for authentication.  And you'll probably need asn.c for certificate parsing. You may also need hmac.c, md5.c, and sha.c depending on the cipher suite (and certificate types).

asm.c is only needed if you're using the fastmath library and want assembly optimizations with a supported compiler (GCC style assembly).

integer.o is going to be the biggest object file since it's the biggest source file.  You should optimize for size (-Os for GCC) and remove the frame pointer if possible (-fomit-frame-pointer for GCC).  Depending on your compiler, processor, options, and instruction set you'll probably see this object file anywhere from 20 to 100kB.

Share

  • j3g
  • Member
  • Offline
  • Registered: 2010-12-16
  • Posts: 24

Re: custom build - common required files?

thanks Todd. you are correct on all accounts. Cipher suite is the following:
authentication: RSA
key-exchange: Diffie-Helman
bulk cipher: AES
MAC: SHA-256

Share