[Ovmsdev] Update WolfSSH/SSL

Michael Balzer dexter at expeedo.de
Sun Jan 24 19:09:51 HKT 2021


Steve,

the new version needs a higher stack size on the RSAKeyGen task, I've 
raised it.

Everything works as before. I don't see any speed changes. It's nice the 
cipher hack isn't necessary anymore.

I don't mind the disk space for the additional sources included.

The higher base memory footprint due to the higher NetMan stack size + 
some additional buffer it seems (some 512 bytes?) means this needs to be 
checked with complex vehicle modules in live operation before merging, 
but I think that won't be an issue.

Regards,
Michael


Am 24.01.21 um 07:38 schrieb Stephen Casner:
> After a pause of three years, I have finally gotten around to updating
> wolfssh and wolfssl to the current stable releases, 1.4.5 and 4.6.0
> respectively.  This includes the code to support SCP that I wrote and
> contributed back to them and was integrated into wolfssh 1.3.0.  There
> were some API tweaks that I needed to work through, but the source
> files are now unmodified except for wolfcrypt/settings.h where I ran
> into a compilation conflict on the XREALLOC macro.  As before, I need
> to supply my own malloc, free and realloc functions so we can control
> PSRAM usage and so we can emit a log message if memory allocation
> fails.
>
> For starters, this update removes the restriction to use cipher
> aes128-cbc.  In addition, the WolfSSL code now includes integration
> with the hardware crypto acceleration capabilities of the ESP32.  I'm
> not sure how much that will affect performance as we see it because I
> think the biggest performance factor is how we need to use the APIs
> given our task structure.  The public key handshake for initial
> connection may be faster.
>
> I added the new code on a branch named update-wolfssh by copying in
> the source files as I did when creating the wolfssh and wolfssl
> components initially.  I'm running the new code on OVMS in my car and
> have given it basic testing by connecting with the ssh client and
> transferring files with scp.  I invite anyone else who is interested
> to test as well or to comment if there are any concerns about merging
> to the master branch.  There are some memory considerations.
>
> I've added the complete wolfssl source tree even though we only use
> the wolfcrypt subset of wolfssl.  The update added a bunch of files
> and increased the required disk space from 18M to 43M.  Similarly,
> wolfssh added code for scp, sftp, ssh agent server code and also ssh
> clients that we are not using; that increased disk space from 2.0M to
> 2.6M.  I added our scp code before they implemented theirs and I have
> not examined their scp and sftp code to see if there would be any
> advantage in trying to adapt it to fit our non-blocking architecture.
>
> I had to increase the size of the NetMan stack from 8K to 10K to avoid
> stack overflow.  With current master code the max used on my OVMS was
> 5616 whereas after the update it is 9700.
>
> With the current master code, the amount of memory added by NetMan
> when an ssh connection was established was 2557 D/IRAM and 6108 SPIRAM
> for 8665 total.  With the update it was 1240 D/IRAM and 8768 SPIRAM
> for 10008 total.
>
>                                                          -- Steve
> _______________________________________________
> OvmsDev mailing list
> OvmsDev at lists.openvehicles.com
> http://lists.openvehicles.com/mailman/listinfo/ovmsdev

-- 
Michael Balzer * Helkenberger Weg 9 * D-58256 Ennepetal
Fon 02333 / 833 5735 * Handy 0176 / 206 989 26


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openvehicles.com/pipermail/ovmsdev/attachments/20210124/0e4192f0/attachment.sig>


More information about the OvmsDev mailing list