• Registered: 2019-09-19
  • Posts: 2

Topic: Reduce Library Size

Hello!

I am using wolfSSL to create a TLS connection between client and server. I have been trying to disable as many features as I can to reduce the library size, however even the best Cipher Suites still need ~280 kB to run.

Since the wolfSSL docs claim that the library size can be reduced to just about 100 kB I am wondering if I am doing something wrong or if that just works for other use-cases.

THe config command I used to get the smallest working library is: ./configure --disable-aes --disable-aescbc --disable-aesgcm --disable-asm --enable-chacha --disable-crypttests --disable-des3 --enable-dh --disable-ecc --disable-eccshamir --disable-errorstrings --disable-examples --disable-inline --disable-md5 --disable-memory --disable-oldnames --disable-oldtls --enable-poly1305 --disable-sha224 --disable-sha512 --disable-base64encode --disable-extended-master --disable-harden --disable-jobserver

I am aware that I could disable fastmath but I don't mind those ~50 kB if it means my communication will be faster.

Any help with this would be greatly appreciated.

Share

  • Registered: 2015-10-07
  • Posts: 415

Re: Reduce Library Size

Hi EricDOS,

How are you measuring the code size? If you are just looking at the shared DLL size that has overhead for symbols, which aren't there in a static build. Also most of the size optimization occurs at link-time with the final application. Try using --disable-shared and use the static library with your application.

Can you tell us more about the target and application? We have many options for tuning, but it helps to know the CPU and RTOS.

The fast math library should be about the same size, but it uses stack for math variables instead of heap. The fast math library also support assembly optimizations.

You might also check our --enable-leantls option in ./configure.ac, which has many additional options for reducing code size. See https://github.com/wolfSSL/wolfssl/blob … re.ac#L637

You can find a good reference document here:
https://github.com/wolfSSL/wolfssl/tree … ng-options

If you are looking to boost performance you can try our `--enable-sp=small` option, which provides optimized code for specific keys and curve. This will not reduce code size.

Thanks,
David Garske, wolfSSL

Share

  • Registered: 2019-09-19
  • Posts: 2

Re: Reduce Library Size

Hello dgarke,

Thank you for the quick reply. I am testing on a QNX virtual machine right now. For the library size I was taking the size of the libwolf.so file.

I will look into the resources you provided and see if that helps me.


Thanks a lot,

Eric

Share

  • Registered: 2015-10-07
  • Posts: 415

Re: Reduce Library Size

Hi EricDOS,

For measuring sizes of shared objects you might try the size command:

./configure --enable-leantls && make
size ./src/.libs/libwolfssl.dylib
__TEXT    __DATA    __OBJC    others    dec    hex
262144    4096    0    36864    303104    4a000

Thanks,
David Garske, wolfSSL

Share