Adding standalone RSA code
Mark Murray
markm at FreeBSD.ORG
Fri Dec 10 05:25:14 PST 2004
"Devon H. O'Dell" writes:
> > 240k is not a big binary, and it sounds like your applet is one that
> > may get heavy use. Its not built for speed; how much of a problem is
> > this? If OpenSSL grows hardware BigNum support, your app will not
> > benefit; how will this affect the user? Is size really a concern? I
> > can't find a disk smaller than 10 GB at my local dealer.
>
> I use CompactFlash cards to run FreeBSD on some systems, and the
> smallest is 16MB. This would be a very welcomed library for such a
> system. A good few people are using solid-state disks for data storage
> in FreeBSD these days, especially those of us doing work on embedded
> systems.
FreeBSD is really aiming itself at the server market. While I sympathise
with what you are doing, what you are doing is somewhat specialised, and is
the sort of thing that lends itself to purpose-built tools.
I guess that you are really on the side of a "no crypto" variant of FreeBSD,
but with a few hand-picked ports chosen for your application.
My reluctance to unconditionally accept a custom RSA library is based on
the experience of having other duplicated technologies in the system,
which then diverge and become a real PITN to select and support. IPFW,
IPFilter anf PF are a good example of this.
Previously we had libcrypto AND libdes; it took AGES to clean up that
mess.
> When you have several binaries linking against OpenSSL, that 240k can
> take up a lot of space, very quickly.
In the case of sharable libraries, not very quickly, and not really in a
way that is causing a problem for desktops and servers.
> Hope I didn't sound callous; that's not my intention.
No callousness detected :-)
M
--
Mark Murray
iumop ap!sdn w,I idlaH
More information about the freebsd-arch
mailing list