It's been a while since I applies OpenSSL to a pure embedded environment, but it's quite doable.
No RAM figures available now, but such are very application dependent anyway (how many connections are open at the same time; how many SSL contexts, etc.etc.); I find coding the functionality in a portable way so that you can run it on a desktop box too (Win32 or UNIX) is quite useful here as well: there you've got a plethora of tools to monitor task memory usage, so you can see what the footprint will be about. (Compiler and platform differences...) One can cut down the ROM footprint of OpenSSL as well by configuring it to use a reduced number of crypto algorithms (the various 'no-xyz' config options, where xyz is a cipher, e.g. no-rc5). Then there's the choice whether or not to support 'engines' and you can also select which SSL protocols you wish to support in your embedded build (NO_SSL2), further reducing your code size. >From there, it's stripping some definition tables, which reference functions, e.g. in the SSL, EVP and BIO sections, which, when you want to eke out every last byte of ROM space, must be done by tweaking the code in a few spots. This helps the linker as a few more functions can then be discarded. But take heed: this is reduction process which is highly dependent on your particular needs. Since OpenSSL uses several standard C run-time library calls (such as the FILE* I/O functions -- which can be stripped as well, using NO_FP) I have found that the easiest route there is to simulate those when the embedded system does not offer such libraries. It's been too long ago and my brain is too fuzzy about it to mention RAM/ROM foo5tprint numbers now I obtained that way back then. The major work on this was back around Y2K. So far, my 2 cents. On Tue, Sep 29, 2009 at 8:29 PM, Jose Stein <jlui...@gmail.com> wrote: > Hello, > > I am looking for benchmarks on OpenSSL RAM usage in embedded devices. Also > trying to find ways to reduce it. Any pointers? > > I understand it should be an FAQ but does not seem to be in the list. > > Thanks, > > JLS > -- Met vriendelijke groeten / Best regards, Ger Hobbelt -------------------------------------------------- web: http://www.hobbelt.com/ http://www.hebbut.net/ mail: g...@hobbelt.com mobile: +31-6-11 120 978 -------------------------------------------------- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org