TLS code size on OpenWRT 10.03

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

TLS code size on OpenWRT 10.03

From:	Simon Josefsson
Subject:	TLS code size on OpenWRT 10.03
Date:	Wed, 09 Feb 2011 20:57:24 +0100
User-agent:	Gnus/5.110011 (No Gnus v0.11) Emacs/23.2 (gnu/linux)

Folks,

For curiousity I built all TLS implementations that OpenWRT 10.03
supports, for the mips/brcm-2.4 platform (the default) like this:

svn co svn://svn.openwrt.org/openwrt/branches/backfire
mv backfire/ openwrt-10.03
cd openwrt-10.03/
make package/symlinks
make menuconfig
# go to Libraries=>SSL and enable them all
make

The installed (stripped) object size is as follows:

address@hidden:~/src/openwrt-10.03$ ls -laR 
build_dir/target-mipsel_uClibc-0.9.30.1/*/ipkg-brcm-2.4|egrep -e 
'(libaxtls|libcyassl|libgnutls|libmatrixssl|libssl|libpolarssl)\.so' | grep -v 
-e ' -> ' -e \\.la
-rwxr-xr-x 1 jas jas 74970  9 feb 20.06 libaxtls.so.1.2
-rwxr-xr-x 1 jas jas 144407  9 feb 20.04 libcyassl.so.0.0.0
-rwxr-xr-x 1 jas jas 548215  9 feb 20.10 libgnutls.so.26.14.12
-rwxr-xr-x 1 jas jas 82311  9 feb 20.10 libmatrixssl.so.1.2.4
-rw-r--r-- 1 jas jas  249115  9 feb 20.13 libssl.so.0.9.8
-rwxr-xr-x 1 jas jas 211210  9 feb 20.10 libpolarssl.so
address@hidden:~/src/openwrt-10.03$ 

Of course, that isn't the complete picture since dependencies aren't
included.  I believe these dependencies are involved:

-rwxr-xr-x 1 jas jas 66018  9 feb 20.06 libz.so.1.2.3
-rwxr-xr-x 1 jas jas 326403  9 feb 20.07 libgcrypt.so.11.5.3
-rwxr-xr-x 1 jas jas 11162  9 feb 20.06 libgpg-error.so.0.5.0
-rw-r--r-- 1 jas jas 75618  9 feb 20.02 libpthread-0.9.30.1.so
-rw-r--r-- 1 jas jas 1077339  9 feb 20.13 libcrypto.so.0.9.8

Thus the results would be:

AXTLS: 75kb no dependencies?
CyaSSL: 144kb no dependencies?
GnuTLS: 548kb zlib 66kb libgcrypt 326kb libgpg-error 11kb => 951kb
MatrixSSL: 82kb (+pthread 76kb) => 82/158kb
OpenSSL: 249kb libcrypto 1077kb => 1326kb
PolarSSL: 211kb no dependencies?

Libpthread is part of base-files, so I'm not sure it is fair to include
it as a dependency of MatrixSSL but none of the other libraries depended
on libpthread so it should be mentioned.

Note that GnuTLS's zlib support could be disabled (which is done by at
least OpenSSL and CyaSSL) to save the 66kb from zlib and likely a few
kb's in GnuTLS too, resulting in a ~880kb size for GnuTLS.

And finally note that the abilities of the libraries are very different.
For example, both OpenSSL and GnuTLS are large projects that contains
many things that are useful but not strictly necessary by a TLS
implementation.  The supported features of some projects are mentioned
on this page

http://en.wikipedia.org/wiki/Comparison_of_TLS_Implementations

however the builds in OpenWRT disable some of the features.  I'm curious
how small you could get GnuTLS if you really tried...

/Simon

[Prev in Thread]

Current Thread

[Next in Thread]

TLS code size on OpenWRT 10.03, Simon Josefsson <=

Prev by Date: Re: TLS Inner Application?
Next by Date: typo in assignment
Previous by thread: Errors in the handshake process
Next by thread: typo in assignment
Index(es):
- Date
- Thread