* CyaSSL Yocto Recipe
@ 2012-09-06 16:06 Chris Conlon
2012-09-06 16:32 ` Kamble, Nitin A
0 siblings, 1 reply; 9+ messages in thread
From: Chris Conlon @ 2012-09-06 16:06 UTC (permalink / raw)
To: yocto
[-- Attachment #1: Type: text/plain, Size: 303 bytes --]
Hi,
As per discussions with a few of the Yocto members, we have put together a Yocto Project recipe for the CyaSSL embedded SSL library. I have attached the recipe here for review and comments.
Thanks,
Chris Conlon
www.yassl.com
chris@yassl.com
Skype: chris_conlon_07
+1 406 209 0601
[-- Attachment #2: cyassl_2.3.0.bb --]
[-- Type: application/octet-stream, Size: 931 bytes --]
SUMMARY = "CyaSSL Embedded SSL Library"
DESCRIPTION = "CyaSSL is a lightweight SSL library written in C and \
optimized for embedded and RTOS environments. It can be \
Up to 20 times smaller than OpenSSL while still supporting \
a full TLS 1.2 client and server."
HOMEPAGE = "http://www.yassl.com/yaSSL/Products-cyassl.html"
BUGTRACKER = "http://github.com/cyassl/cyassl/issues"
SECTION = "libs/network"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
PR = "r0"
SRC_URI = "http://www.yassl.com/cyassl-${PV}.zip"
SRC_URI[md5sum] = "e73b50c95eae06a2fb4a7eb0183b21ab"
SRC_URI[sha256sum] = "b597f1c55d3bc4556d9c37e98ca56da2a529e111164d97c650fb097ef0a0d461"
inherit autotools siteinfo
# Detect and build with correct endianness
CFLAGS += "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '', '-DBIG_ENDIAN_ORDER', d)}"
^ permalink raw reply [flat|nested] 9+ messages in thread* Re: CyaSSL Yocto Recipe 2012-09-06 16:06 CyaSSL Yocto Recipe Chris Conlon @ 2012-09-06 16:32 ` Kamble, Nitin A 2012-09-06 21:59 ` Chris Conlon 0 siblings, 1 reply; 9+ messages in thread From: Kamble, Nitin A @ 2012-09-06 16:32 UTC (permalink / raw) To: Chris Conlon, yocto@yoctoproject.org [-- Attachment #1: Type: text/plain, Size: 1259 bytes --] And here is bit of information about CyaSSL from their website. http://www.yassl.com/yaSSL/Products-cyassl.html The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments - primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 level, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU. User benchmarking and feedback reports dramatically better performance when using CyaSSL over OpenSSL. Thanks, Nitin From: Chris Conlon [mailto:chris@yassl.com] Sent: Thursday, September 06, 2012 9:07 AM To: yocto@yoctoproject.org Cc: Kamble, Nitin A Subject: CyaSSL Yocto Recipe Hi, As per discussions with a few of the Yocto members, we have put together a Yocto Project recipe for the CyaSSL embedded SSL library. I have attached the recipe here for review and comments. Thanks, Chris Conlon www.yassl.com<http://www.yassl.com> chris@yassl.com<mailto:chris@yassl.com> Skype: chris_conlon_07 +1 406 209 0601 [-- Attachment #2: Type: text/html, Size: 4844 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: CyaSSL Yocto Recipe 2012-09-06 16:32 ` Kamble, Nitin A @ 2012-09-06 21:59 ` Chris Conlon 2012-09-06 22:14 ` Saul Wold 0 siblings, 1 reply; 9+ messages in thread From: Chris Conlon @ 2012-09-06 21:59 UTC (permalink / raw) To: yocto [-- Attachment #1: Type: text/plain, Size: 1461 bytes --] Adding a direct link to the CyaSSL recipe file for review: www.yassl.com/files/yocto/cyassl_2.3.0.bb Best Regards, Chris On Sep 6, 2012, at 10:32 AM, Kamble, Nitin A wrote: > And here is bit of information about CyaSSL from their website. http://www.yassl.com/yaSSL/Products-cyassl.html > > The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments - primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 level, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU. User benchmarking and feedback reports dramatically better performance when using CyaSSL over OpenSSL. > > Thanks, > Nitin > > From: Chris Conlon [mailto:chris@yassl.com] > Sent: Thursday, September 06, 2012 9:07 AM > To: yocto@yoctoproject.org > Cc: Kamble, Nitin A > Subject: CyaSSL Yocto Recipe > > Hi, > > As per discussions with a few of the Yocto members, we have put together a Yocto Project recipe for the CyaSSL embedded SSL library. I have attached the recipe here for review and comments. > > Thanks, > > Chris Conlon > www.yassl.com > chris@yassl.com > Skype: chris_conlon_07 > +1 406 209 0601 > > [-- Attachment #2: Type: text/html, Size: 6717 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: CyaSSL Yocto Recipe 2012-09-06 21:59 ` Chris Conlon @ 2012-09-06 22:14 ` Saul Wold 2012-09-06 22:38 ` Chris Conlon 0 siblings, 1 reply; 9+ messages in thread From: Saul Wold @ 2012-09-06 22:14 UTC (permalink / raw) To: Chris Conlon; +Cc: yocto On 09/06/2012 02:59 PM, Chris Conlon wrote: > Adding a direct link to the CyaSSL recipe file for review: > > www.yassl.com/files/yocto/cyassl_2.3.0.bb > <http://www.yassl.com/files/yocto/cyassl_2.3.0.bb> > Chris, On initial inspection of this recipe it looks OK, what package/libraries does it provide? Are they the same as the openssl package? You may need RCONFLICTS_${PN} and/or RPROVIDES_${PN}, where the ${PN} may need to be the package names in openssl, I need to check that. I would suggest that initially you make this available as a standard layer, possibly called meta-cyassl, it could be hosted on GitHub. You can add it to the OpenEmbedded Layer Index. See http://www.openembedded.org/wiki/LayerIndex Distributions that want to use this instead of OpenSSL can then use your layer and select your recipe, if it's setup correctly it will provide what they need. I hope this is helpful in moving things forward for you. Sau! Yocto Project Component Wrangler aka Yocto Project User Space Architect > Best Regards, > Chris > > On Sep 6, 2012, at 10:32 AM, Kamble, Nitin A wrote: > >> And here is bit of information about CyaSSL from their >> website.http://www.yassl.com/yaSSL/Products-cyassl.html >> The CyaSSL embedded SSL library is a lightweight SSL library written >> in ANSI C and targeted for embedded and RTOS environments - primarily >> because of its small size, speed, and feature set. It is commonly >> used in standard operating environments as well because of its >> royalty-free pricing and excellent cross platform support. CyaSSL >> supports industry standards up to the current TLS 1.2 level, is up >> to20 times smaller than OpenSSL, and offers progressive ciphers such >> as HC-128, RABBIT, and NTRU. User benchmarking and feedback reports >> dramatically better performance when using CyaSSL over OpenSSL. >> Thanks, >> Nitin >> *From:*Chris Conlon [mailto:chris@yassl.com] >> *Sent:*Thursday, September 06, 2012 9:07 AM >> *To:*yocto@yoctoproject.org <mailto:yocto@yoctoproject.org> >> *Cc:*Kamble, Nitin A >> *Subject:*CyaSSL Yocto Recipe >> >> Hi, >> >> As per discussions with a few of the Yocto members, we have put >> together a Yocto Project recipe for the CyaSSL embedded SSL library. >> I have attached the recipe here for review and comments. >> >> Thanks, >> >> Chris Conlon >> www.yassl.com <http://www.yassl.com> >> chris@yassl.com <mailto:chris@yassl.com> >> Skype: chris_conlon_07 >> +1 406 209 0601 >> > > > > _______________________________________________ > yocto mailing list > yocto@yoctoproject.org > https://lists.yoctoproject.org/listinfo/yocto > ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: CyaSSL Yocto Recipe 2012-09-06 22:14 ` Saul Wold @ 2012-09-06 22:38 ` Chris Conlon 2012-09-06 22:53 ` Richard Purdie 0 siblings, 1 reply; 9+ messages in thread From: Chris Conlon @ 2012-09-06 22:38 UTC (permalink / raw) To: Saul Wold; +Cc: yocto Hi Saul, On Sep 6, 2012, at 4:14 PM, Saul Wold wrote: > On 09/06/2012 02:59 PM, Chris Conlon wrote: >> Adding a direct link to the CyaSSL recipe file for review: >> >> www.yassl.com/files/yocto/cyassl_2.3.0.bb >> <http://www.yassl.com/files/yocto/cyassl_2.3.0.bb> >> > Chris, > > On initial inspection of this recipe it looks OK, what package/libraries does it provide? Are they the same as the openssl package? It provides the CyaSSL embedded SSL library, specifically called "libcyassl". Although it offers similar functionality as the openssl package (SSL and crypto support), it shouldn't conflict naming wise. OpenSSL's library names are "libssl" and "libcrypto". > > You may need RCONFLICTS_${PN} and/or RPROVIDES_${PN}, where the ${PN} may need to be the package names in openssl, I need to check that. CyaSSL shouldn't conflict with OpenSSL, as it has a different library name and header location. Thanks for the suggestion about RPROVIDES. I'm new to writing recipe files, so your feedback is very appreciated. > > I would suggest that initially you make this available as a standard > layer, possibly called meta-cyassl, it could be hosted on GitHub. You can add it to the OpenEmbedded Layer Index. See http://www.openembedded.org/wiki/LayerIndex > > Distributions that want to use this instead of OpenSSL can then use your layer and select your recipe, if it's setup correctly it will provide what they need. Ok, thanks for the pointer. Any chance of the recipe getting rolled into the OpenEmbedded/Yocto meta/recipes-connectivity layer? Thanks, Chris ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: CyaSSL Yocto Recipe 2012-09-06 22:38 ` Chris Conlon @ 2012-09-06 22:53 ` Richard Purdie 2012-09-07 19:55 ` Chris Conlon 2012-10-09 20:26 ` Chris Conlon 0 siblings, 2 replies; 9+ messages in thread From: Richard Purdie @ 2012-09-06 22:53 UTC (permalink / raw) To: Chris Conlon; +Cc: yocto On Thu, 2012-09-06 at 16:38 -0600, Chris Conlon wrote: > Hi Saul, > > On Sep 6, 2012, at 4:14 PM, Saul Wold wrote: > > > On 09/06/2012 02:59 PM, Chris Conlon wrote: > >> Adding a direct link to the CyaSSL recipe file for review: > >> > >> www.yassl.com/files/yocto/cyassl_2.3.0.bb > >> <http://www.yassl.com/files/yocto/cyassl_2.3.0.bb> > >> > > Chris, > > > > On initial inspection of this recipe it looks OK, what > package/libraries does it provide? Are they the same as the openssl > package? > > It provides the CyaSSL embedded SSL library, specifically called > "libcyassl". Although it offers similar functionality as the openssl > package (SSL and crypto support), it shouldn't conflict naming wise. > OpenSSL's library names are "libssl" and "libcrypto". > > > > > You may need RCONFLICTS_${PN} and/or RPROVIDES_${PN}, where the > ${PN} may need to be the package names in openssl, I need to check > that. > > CyaSSL shouldn't conflict with OpenSSL, as it has a different library > name and header location. Thanks for the suggestion about RPROVIDES. > I'm new to writing recipe files, so your feedback is very appreciated. > > > > > I would suggest that initially you make this available as a standard > > layer, possibly called meta-cyassl, it could be hosted on GitHub. > You can add it to the OpenEmbedded Layer Index. See > http://www.openembedded.org/wiki/LayerIndex > > > > Distributions that want to use this instead of OpenSSL can then use > your layer and select your recipe, if it's setup correctly it will > provide what they need. > > Ok, thanks for the pointer. Any chance of the recipe getting rolled > into the OpenEmbedded/Yocto meta/recipes-connectivity layer? This looks like an interesting piece of software and a quick read through your webpages suggests there may be some interesting applications of this within OE which I'd love to explore. We are however quite careful about what goes into OE-Core and you've picked about the worst possible point of the cycle to have this discussion (just after feature freeze which was six days ago). So I certainly think this could make OE-Core but probably not in the 1.3 release timeframe. I would also want to see some kind of demo that we could replace some of our openssl/gnutls usage with this too which so far I've not seen. There is discussion in the OE-Core archives about making the SSL/TLS provider selectable though so there is certainly interest. So I think this is a good idea, a layer is a great place to start experimenting and if its shown to be successful it would make the core. We've got to be realistic about the development process and this isn't going to happen overnight though (a layer is much easier/faster to start with). Cheers, Richard -- Yocto Project Architect Linux Foundation Fellow ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: CyaSSL Yocto Recipe 2012-09-06 22:53 ` Richard Purdie @ 2012-09-07 19:55 ` Chris Conlon 2012-10-09 20:26 ` Chris Conlon 1 sibling, 0 replies; 9+ messages in thread From: Chris Conlon @ 2012-09-07 19:55 UTC (permalink / raw) To: Richard Purdie; +Cc: yocto, info Hi Richard, On Sep 6, 2012, at 4:53 PM, Richard Purdie wrote: > This looks like an interesting piece of software and a quick read > through your webpages suggests there may be some interesting > applications of this within OE which I'd love to explore. > > We are however quite careful about what goes into OE-Core and you've > picked about the worst possible point of the cycle to have this > discussion (just after feature freeze which was six days ago). > > So I certainly think this could make OE-Core but probably not in the 1.3 > release timeframe. I would also want to see some kind of demo that we > could replace some of our openssl/gnutls usage with this too which so > far I've not seen. There is discussion in the OE-Core archives about > making the SSL/TLS provider selectable though so there is certainly > interest. > > So I think this is a good idea, a layer is a great place to start > experimenting and if its shown to be successful it would make the core. > We've got to be realistic about the development process and this isn't > going to happen overnight though (a layer is much easier/faster to start > with). Thanks for the notification about your feature freeze. I do understand that it may take some time to get CyaSSL rolled into OE-Core, and I think you and Saul's suggestion of starting with a layer on GitHub is a good first step. From there, maybe we can explore some of the interesting applications you have in mind. Best Regards, Chris ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: CyaSSL Yocto Recipe 2012-09-06 22:53 ` Richard Purdie 2012-09-07 19:55 ` Chris Conlon @ 2012-10-09 20:26 ` Chris Conlon 2012-12-12 15:30 ` Richard Purdie 1 sibling, 1 reply; 9+ messages in thread From: Chris Conlon @ 2012-10-09 20:26 UTC (permalink / raw) To: Richard Purdie, yocto; +Cc: yocto, Scott Garman On Sep 6, 2012, at 4:53 PM, Richard Purdie wrote: > This looks like an interesting piece of software and a quick read > through your webpages suggests there may be some interesting > applications of this within OE which I'd love to explore. > > We are however quite careful about what goes into OE-Core and you've > picked about the worst possible point of the cycle to have this > discussion (just after feature freeze which was six days ago). > > So I certainly think this could make OE-Core but probably not in the 1.3 > release timeframe. I would also want to see some kind of demo that we > could replace some of our openssl/gnutls usage with this too which so > far I've not seen. There is discussion in the OE-Core archives about > making the SSL/TLS provider selectable though so there is certainly > interest. > > So I think this is a good idea, a layer is a great place to start > experimenting and if its shown to be successful it would make the core. > We've got to be realistic about the development process and this isn't > going to happen overnight though (a layer is much easier/faster to start > with). As suggested, we have created a yaSSL layer (meta-yassl) which includes a recipe for the CyaSSL embedded SSL library. The layer can be found on GitHub, here: https://github.com/cconlon/meta-yassl Any comments or suggestions on improving the layer would be greatly appreciated. Going forward from here, what would make the most sense as a next step? Thanks, Chris Conlon www.yassl.com chris@yassl.com Skype: chris_conlon_07 +1 406 209 0601 ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: CyaSSL Yocto Recipe 2012-10-09 20:26 ` Chris Conlon @ 2012-12-12 15:30 ` Richard Purdie 0 siblings, 0 replies; 9+ messages in thread From: Richard Purdie @ 2012-12-12 15:30 UTC (permalink / raw) To: Chris Conlon; +Cc: yocto, Scott Garman On Tue, 2012-10-09 at 14:26 -0600, Chris Conlon wrote: > On Sep 6, 2012, at 4:53 PM, Richard Purdie wrote: > > > This looks like an interesting piece of software and a quick read > > through your webpages suggests there may be some interesting > > applications of this within OE which I'd love to explore. > > > > We are however quite careful about what goes into OE-Core and you've > > picked about the worst possible point of the cycle to have this > > discussion (just after feature freeze which was six days ago). > > > > So I certainly think this could make OE-Core but probably not in the 1.3 > > release timeframe. I would also want to see some kind of demo that we > > could replace some of our openssl/gnutls usage with this too which so > > far I've not seen. There is discussion in the OE-Core archives about > > making the SSL/TLS provider selectable though so there is certainly > > interest. > > > > So I think this is a good idea, a layer is a great place to start > > experimenting and if its shown to be successful it would make the core. > > We've got to be realistic about the development process and this isn't > > going to happen overnight though (a layer is much easier/faster to start > > with). > > As suggested, we have created a yaSSL layer (meta-yassl) which > includes a recipe for the CyaSSL embedded SSL library. The layer can > be found on GitHub, here: > > https://github.com/cconlon/meta-yassl > > Any comments or suggestions on improving the layer would be greatly > appreciated. Going forward from here, what would make the most sense > as a next step? I did finally get around to looking at this, sorry about the delay. The release and some travel commitments all combined against me time wise. I must admit I thought the layer was going to do a little more than it does. The layer in itself is fine and I was able to build it successfully. I did notice the library is a little larger than your 30-100kb quoted on the website. I also noticed it builds with the default configuration with lot of pieces disabled. I think as this stands its interesting but you might not get many people using it. What would get people much more interested is if you could build a system where openssl/gnutls was replaced with cyassl. Initially, I think a proof of concept using .bbappend files to reconfigure recipes to use cyassl would be a good place to start. Once proved to work, we could then incorporate generic ssl providers code into the project core, allowing people to select the ssl provider at will. Is this a direction you'd be willing/able to take the layer? Cheers, Richard ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2012-12-12 15:30 UTC | newest] Thread overview: 9+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2012-09-06 16:06 CyaSSL Yocto Recipe Chris Conlon 2012-09-06 16:32 ` Kamble, Nitin A 2012-09-06 21:59 ` Chris Conlon 2012-09-06 22:14 ` Saul Wold 2012-09-06 22:38 ` Chris Conlon 2012-09-06 22:53 ` Richard Purdie 2012-09-07 19:55 ` Chris Conlon 2012-10-09 20:26 ` Chris Conlon 2012-12-12 15:30 ` Richard Purdie
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.