<div dir="ltr">Greetings,<div><br></div><div style>An update -- the first step is complete -- modified the source to make use of ltc_mp, but using ltm_desc and USE_LTM. 狢 generated an rsa host key and logged in via ssh, as a basic test case.</div>
<div style><br></div><div style>A couple of small details I am working on -- there are some small differences between the ltc_mp and ltm_desc structures -- near the end of the ltm_desc there are some ifdefs that I haven't figured out yet. Any hints?</div>
<div style><br></div><div style>I also notice two missing functions in the descriptors -- mp_addmod and mp_prime_next_prime. 䒷hould I add these to the structures? �Where, at the end?�</div><div style><br></div><div style>
If anyone should care to follow along, I could, for example, put the project up on github or wherever you like. 𤪻r send patches.</div><div style><br></div><div style>Next up will be trying tomsfastmath.</div><div style><br>
</div><div style>Suggestions welcome!</div><div style><br></div><div style>William</div><div style><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, May 25, 2013 at 10:19 AM, Matt Johnston <span dir="ltr"><<a href="mailto:matt@ucc.asn.au" target="_blank">matt@ucc.asn.au</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I'd start from 2013.58. It's mostly a case of search/replace<br>
of function calls, though mp_init is a bit different I<br>
think (it allocates whereas the straight libtommath version<br>
doesn't?). Take a look at<br>
<a href="https://secure.ucc.asn.au/hg/dropbear/file/75509065db53/ecdsa.c#l169" target="_blank">https://secure.ucc.asn.au/hg/dropbear/file/75509065db53/ecdsa.c#l169</a><br>
- the ltc_mp variable is set up at<br>
<a href="https://secure.ucc.asn.au/hg/dropbear/file/75509065db53/crypto_desc.c#l71" target="_blank">https://secure.ucc.asn.au/hg/dropbear/file/75509065db53/crypto_desc.c#l71</a><br>
so it could be set to tfm_desc instead.<br>
<br>
Tomsfastmath 0.12 would be best from <a href="http://libtom.org" target="_blank">libtom.org</a><br>
<br>
Cheers,<br>
Matt<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
<br>
On Sat, May 25, 2013 at 10:01:16AM -0500, William Welch wrote:<br>
> Thank you for your reply.<br>
><br>
> If I were to attempt to add support for tomsfastmath, using ltc_mp as you<br>
> described, which version of dropbear should I start from? 鼦nd where should<br>
> I obtain the tomsfastmath library?<br>
><br>
> Thank you,<br>
><br>
> William<br>
><br>
><br>
><br>
> On Sat, May 25, 2013 at 3:41 AM, Matt Johnston <<a href="mailto:matt@ucc.asn.au">matt@ucc.asn.au</a>> wrote:<br>
><br>
> > Hi,<br>
> ><br>
> > I think the solution is to use tomsfastmath instead. There was a patched<br>
> > version posted a while ago on this list. Eventually I'd like to have<br>
> > Dropbear able to build against either tomsfastmath (for speed) or<br>
> > libtommath (for portability) using the ltc_mp mechanism in libtomcrypt.<br>
> ><br>
> > There's also ECC support nearly complete in the 'ecc' mercurial branch.<br>
> > That's a few times faster than normal kexdh. It adds around 30kB to binary<br>
> > size on x86. That should make it into the next Dropbear release, though<br>
> > only will help for recent OpenSSH peers.<br>
> ><br>
> > Matt<br>
> ><br>
> ><br>
> > William Welch <<a href="mailto:bvwelch@gmail.com">bvwelch@gmail.com</a>> wrote:<br>
> >><br>
> >> Greetings,<br>
> >><br>
> >> First -- thank you for dropbear! 狢 have enjoyed using dropbear on<br>
> >> various smallish systems for years now!<br>
> >><br>
> >> But I have a problem with a specific system -- admittedly it is rather<br>
> >> slow -- only 50 BogoMips according to the linux kernel. It is a Microblaze.<br>
> >><br>
> >> I use the Buildroot system for many different routers and other small<br>
> >> systems here. 狢 have compared different versions of dropbear, against<br>
> >> openssh.<br>
> >><br>
> >> My issue is with the server mode -- sshd -- 狢 note that on dropbear 0.52<br>
> >> (which I happen to run on other routers here), I can connect from my ubuntu<br>
> >> or mac, to dropbear sshd, in about 45 seconds. �This is having disabled the<br>
> >> RSA host key, and already generated the DSS host key. � But on more recent<br>
> >> versions of dropbear, e.g. 2013.58, several minutes elapse without a<br>
> >> connection.<br>
> >><br>
> >> In contrast, switching to openssh in buildroot, and also disabling the<br>
> >> RSA host key, connection time is 5 to 10 seconds! 𡠻nfortunately, the<br>
> >> openssh has a huge 'footprint' in the flash filesystem that I would rather<br>
> >> avoid.<br>
> >><br>
> >> The issue seems to be in the key exchange ( I can watch this by doing<br>
> >> 'ssh -v ' from my client connection). 瓱eanwhile, running 'top' on my<br>
> >> Microblaze shows near 100% cpu used. 慯he debug message is: expecting<br>
> >> SSH2_MSG_KEXDH_REPLY<br>
> >><br>
> >> Buildroot has the gnu cross tool chain set to 'optimize for size' in all<br>
> >> cases.<br>
> >><br>
> >> Suggestions welcome!<br>
> >><br>
> >> thank you,<br>
> >><br>
> >> William<br>
> >><br>
> >><br>
</div></div></blockquote></div><br></div>