mcr
commented
3 years ago Closed mcr closed 2 years ago
mcr
commented
3 years ago 
EskoDijk
commented
3 years ago Memory saving is also a key element for constrained devices. For example, if the Pledge reserves memory space for only 1 CA certificate (that is e.g. returned from a /crts request) instead of potentially 2, 3, 4 or unlimited (as is my non-constrained EST interpretation) that is an incredible saving already.
Not having to implement PKCS7 in the Pledge is also a code saving, although I have no data on how much it saves. It was more about being able to use standard mbedTLS vs having to extend it with PKCS7.
A major code saving is not requesting the CSR attributes (/att) and thus not parsing these, and then acting on the parsed results in an intelligent way. In my view that part saves a lot, although I don't have quantification of this. (The CSR attributes results parsing code could get arbitrarily complex and 'intelligent'. There are so many potential fields a Registrar could include there in so many combinations.)
I don't understand the comment about RFC 5280 implementation for the fallback path. Is RFC 7030 meant? And what is the fallback path, e.g. does it mean the case the the /crts request has to be sent out?
mcr
commented
3 years ago A major code saving is not requesting the CSR attributes (/att) and thus not parsing these, and then acting on the parsed results in an intelligent way. In my view that part saves a lot, although I don't have quantification of this. (The CSR attributes results parsing code could get arbitrarily complex and 'intelligent'. There are so many potential fields a Registrar could include there in so many combinations.)
But the process says that if you don't get the right anchor from the voucher, you have to do /att. So, all the parsing code is all there anyway.
Where we get code size savings is by using RPK.
EskoDijk
commented
3 years ago But the process says that if you don't get the right anchor from the voucher, you have to do /att. So, all the parsing code is all there anyway.
This above consideration is only for /crts, not for /att.
Note that /att is OPTIONAL per RFC 7030 anyway for the Server to implement. It's just that in RFC 7030 the assumption was that the client would typically attempt /att first. Now in our constrained version, we effectively say that a client can skip the /att in case it can't do something useful with that. Parsing the response of the /att seems quite a bit of code and many many possibilities of what might be included in there. So I would argue that we include this consideration in the draft, if the reviewer wants to see more on "code size" considerations included.
petervanderstok
commented
3 years ago I am not quite convinced. Most of the code is found in libraries that are loaded anyway.
EskoDijk
commented
3 years ago Why would this library code by "loaded anyway" ? If I don't use a library function at all, then the code of that library function is not included in the binary. And no other process for sure in my Pledge is using CSR attributes parsing and using that parse result to decide how to format its CSR. I sincerely doubt that mbedTLS has functions for this, in any case. But if you have a pointer to what functions this is please let me know.
petervanderstok
commented
3 years ago Details, details; I use mbedtls all over the place in pledge, registrar and masa. For masa I use openssl. I don't understand how you can construct a pledge or registrar without using a library. I really want to know.
Concerning parsing that is not directly supported by mbedtls, I use asn1 from mbedtls Below a code snippet for finding an oid value.
/* return_oid
while (p < end){ int found = 0; size_t qlen = 0; / get a sequence from the sequence of sequences / ret = mbedtls_asn1_get_tag(&p, end, &qlen , MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if ( ret == 0){ unsigned char q = p; unsigned char qend = q + qlen; while (q < qend){ size_t plen; q++; ret = mbedtls_asn1_get_len(&q, end, &plen); if (ret != 0){ mbedtls_strerror( ret, err_buf, sizeof(err_buf) ); coap_log(LOG_ERR, " failed\n ! mbedtls_asn1_get_len " "returned -0x%04x - %s\n\n", (unsigned int) -ret, err_buf ); } tag = (q-2); if (tag == MBEDTLS_ASN1_OID){ if ((q-1) == oid_name->length){ found = 1; for ( uint qq = 0; qq < oid_name->length; qq++){ if (oid_name->s[qq] != q[qq])found = 0; } } } if ((found == 1) && (tag == MBEDTLS_ASN1_OCTET_STRING)){ oid_value->length = plen; oid_value->s = coap_malloc(plen); memcpy(oid_value->s, q, plen); return 0; } q = q + plen; } } / if / p = p + qlen; } return 1; }
Esko Dijk schreef op 2021-10-05 08:35:
Why would this library code by "loaded anyway" ? If I don't use a library function at all, then the code of that library function is not included in the binary. And no other process for sure in my Pledge is using CSR attributes parsing and using that parse result to decide how to format its CSR. I sincerely doubt that mbedTLS has functions for this, in any case. But if you have a pointer to what functions this is please let me know.
-- You are receiving this because you commented. Reply to this email directly, view it on GitHub [1], or unsubscribe [2]. Triage notifications on the go with GitHub Mobile for iOS [3] or Android [4].
[1] https://github.com/anima-wg/constrained-voucher/issues/125#issuecomment-934109689 [2] https://github.com/notifications/unsubscribe-auth/ADCZGQINLPGY42KBFW2DX3TUFKMBTANCNFSM47ZU53YQ [3] https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 [4] https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub
mcr
commented
3 years ago Details, details; I use mbedtls all over the place in pledge, registrar and masa. For masa I use openssl. I don't understand how you can construct a pledge or registrar without using a library.
If you link the .a file of the library, then the linker will only pull in code that is actually used. Other code is expunged. On a server/desktop, if you link the .so/.dll, then you get the entire library regardless of what you use or do not. So, in that context, using more stuff is 'free"
embedded systems (RIOT-OS, etc.) use the .a method.
petervanderstok
commented
3 years ago I am less optimistic about the control one has over the granularity of the load process for .a. In my experience, reconstructing libraries was a first step........and then a loss of hassle with ordering.
But, If I am the only one not to be convinced, just ignore me, please.
Peter Michael Richardson schreef op 2021-10-14 00:46:
Details, details; I use mbedtls all over the place in pledge, registrar and masa. For masa I use openssl. I don't understand how you can construct a pledge or registrar without using a library.
If you link the .a file of the library, then the linker will only pull in code that is actually used. Other code is expunged. On a server/desktop, if you link the .so/.dll, then you get the entire library regardless of what you use or do not. So, in that context, using more stuff is 'free"
embedded systems (RIOT-OS, etc.) use the .a method.
-- You are receiving this because you commented. Reply to this email directly, view it on GitHub [1], or unsubscribe [2]. Triage notifications on the go with GitHub Mobile for iOS [3] or Android [4].
[1] https://github.com/anima-wg/constrained-voucher/issues/125#issuecomment-942774687 [2] https://github.com/notifications/unsubscribe-auth/ADCZGQIERK337QOGWFMYJ53UGYD3JANCNFSM47ZU53YQ [3] https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 [4] https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub
mcr
commented
2 years ago remove claims about code size savings.