chrisc wrote:

Also, one quick note.  At the moment, we don't recommend defining STM32_HASH when using CyaSSL for SSL/TLS.  Because of restrictions of the Standard Peripheral library and how its hash API is designed, the CyaSSL STM32 hardware hash integration will only correctly work on a single context at a time.  An SSL connection uses several hash contexts simultaneously.

Best Regards,
Chris


Hello Chris,
Thank you for your response.

Is it the same for STM32F2_CRYPTO?
Can I simply implement a mutex for Hash access in std lib, or is it more complicated?

For the inter-card communication I tried PSK with success. I will check with benchmark.c.

Kind regards,
Pierre
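
Chris's point about a single hash context, as an added example (not from the thread, and not CyaSSL or ST code): a toy model in which two running transcript hashes are fed the same handshake messages, once with per-context state and once through one shared engine. The shared-engine model, the FNV-1a stand-in digest and the message strings are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Toy digest (FNV-1a plus byte count) standing in for MD5/SHA-1; only the
 * handling of the running state matters here. */
typedef struct { uint32_t h, len; } State;

static void st_init(State *s) { s->h = 2166136261u; s->len = 0; }
static void st_update(State *s, const char *d) {
    for (size_t i = 0, n = strlen(d); i < n; i++) {
        s->h = (s->h ^ (uint8_t)d[i]) * 16777619u;
        s->len++;
    }
}
static uint64_t st_final(const State *s) { return ((uint64_t)s->len << 32) | s->h; }

/* Model A (assumed): a single engine whose one state register is shared by
 * every context, as with a hash API that supports one context at a time. */
static State engine;
typedef struct { int id; } HwCtx;               /* carries no state of its own */
static void hw_init(HwCtx *c) { (void)c; st_init(&engine); }
static void hw_update(HwCtx *c, const char *d) { (void)c; st_update(&engine, d); }
static uint64_t hw_final(HwCtx *c) { (void)c; return st_final(&engine); }

/* Constructed handshake transcript. */
static const char *MSGS[] = { "ClientHello", "ServerHello", "Certificate" };
enum { NMSGS = 3 };

/* Digest of the transcript computed by one context with nothing interleaved. */
uint64_t reference_digest(void) {
    State s; st_init(&s);
    for (int i = 0; i < NMSGS; i++) st_update(&s, MSGS[i]);
    return st_final(&s);
}

/* Model B: two running hashes fed every message, each owning its state. */
int software_contexts_ok(void) {
    State a, b; st_init(&a); st_init(&b);
    for (int i = 0; i < NMSGS; i++) { st_update(&a, MSGS[i]); st_update(&b, MSGS[i]); }
    return st_final(&a) == reference_digest() && st_final(&b) == reference_digest();
}

/* Same call pattern on the shared engine: b's init wipes a, updates double up. */
int shared_engine_ok(void) {
    HwCtx a = {1}, b = {2}; hw_init(&a); hw_init(&b);
    for (int i = 0; i < NMSGS; i++) { hw_update(&a, MSGS[i]); hw_update(&b, MSGS[i]); }
    return hw_final(&a) == reference_digest() && hw_final(&b) == reference_digest();
}
```

In the shared-engine case both contexts end up with a digest over every message absorbed twice, so neither matches the transcript a peer would compute.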

Now I use CyaSSL_set_session/CyaSSL_get_session for intercard communication and it improves the timing.
I use it on client side.

This is my implementation. I don't know if it is correct, but it has worked so far:

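...
    xCyaSSL_Object = CyaSSL_new(ctx);

    if (xCyaSSL_Object == NULL)
        assert_param(0);

    /* Offer the session saved from the previous connection, if any */
    if (session)
        err = CyaSSL_set_session(xCyaSSL_Object, session);

    if (CyaSSL_set_fd(xCyaSSL_Object, sock) != SSL_SUCCESS)
        assert_param(0);

    /* CyaSSL_write() performs the handshake on first use */
    if (len < sizeof(trame))
        bw = CyaSSL_write(xCyaSSL_Object, (unsigned char*)trame, len);

    /* Save the session for the next connection before freeing the object */
    session = CyaSSL_get_session(xCyaSSL_Object);

    CyaSSL_free(xCyaSSL_Object);
...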

Hello, I'm working on an STM32F437 with crypto hardware enabled.
My problem is that the exchange of packets takes too long. If I measure the time with Wireshark, it takes 220ms for one frame, between [SYN] and [FIN, ACK].

The code is built with optimisation, and the webserver task is at high priority.

First test was with these options:
key 2048

#ifdef CYASSL_STM32F2
#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM
#define NO_CYASSL_DIR
#define NO_RABBIT
#define STM32F2_RNG
#define USER_TIME
#define STM32F2_HASH
#define STM32F2_CRYPTO
//#define USE_FAST_MATH
//#define TFM_TIMING_RESISTANT
//#define TFM_ARM
#endif

Second test with these options:
key 1024

#ifdef CYASSL_STM32F2
#define SIZEOF_LONG_LONG 8
#define NO_DEV_RANDOM
#define NO_CYASSL_DIR
#define NO_RABBIT
#define STM32F2_RNG
#define USER_TIME
#define STM32F2_HASH
#define STM32F2_CRYPTO
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define TFM_ARM
#endif

There is no difference.

As you can see in the attached file, the latency is between packets 5 and 14.
How can I improve the speed? Because it will be used on a local network, in this case security is less important than speed.

Thank you for your help.
Pierre

It is solved now.

The solution is to build at least integer.c with optimisation. For better performance I build the entire wolfSSL embedded SSL library with the -Ofast flag.

Hello,

I traced with a timer to find out where the blockage is.
It is located in integer.c, at the mp_exptmod_fast() level, in the for (;;) loop.
It takes two times one second.

Can I reduce the time?

stack copy:
0B1F437 [Embedded C/C++ Application]   
    0B1_F437_V04.00.00.elf   
        Thread [1] <main> (Suspended : Breakpoint)   
            mp_exptmod_fast() at integer.c:1,871 0x802bd28   
            mp_exptmod() at integer.c:778 0x802a288   
            RsaFunction() at rsa.c:214 0x8027fec   
            RsaSSL_Sign() at rsa.c:440 0x8028322   
            SendCertificateVerify() at internal.c:8,126 0x8022b04   
            CyaSSL_connect() at ssl.c:4,140 0x801ba26   
            CyaSSL_negotiate() at ssl.c:304 0x801a25c   
            SendData() at internal.c:5,479 0x802181c   
            CyaSSL_write() at ssl.c:436 0x801a29a   
            gateway_tcp_thread() at gateway_tcp.c:95 0x8006c50   
            <...more frames...>   


Kind regards,
Pierre

Hello,

I work on SSL communication between two STM32 cards with crypto enabled.
I see that there is a very long time between two packet exchanges.

In the capture example in the attachment, I use one STM32 as server and a PC as client, but it is the same problem.
See the packets between 17 and 19 (in black): there is +- 2,5 seconds.

I checked the communication between two computers, and there is no blocking.

Is this blocking time normal with STM32 (or with embedded in general)?
Thank you.

Pierre