I did a port of the CyaSSL TLS library  version 2.9.0 by WolfSSL to eCos.
The library itself is attached as "cyassl_ecos_port.zip".
The port was done using a Windows 7 system with an Cygwin 32-Bit environment.
The target system is a Freescale MPC5668G processor (PowerPC architecture).
What WAS tested:
* TLS 1.2 connections with ECC using adjusted example programs 'client' and
'server' with MCP5668 <-> MPC5668, MPC5668 <-> Laptop (CyaSSL client/server),
MPC5668 <-> Laptop (OpenSSL client/server)
* Test-suite (automatically tests SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 with
various Cipher-Suites by starting a separate server thread and connecting with
the test client), API-Tests, benchmark example
* Loading certificates from a mounted (JFFS2) filesystem
* Loading certificates from memory buffers
* fastmath library was used most of the time
* Blocking and non-blocking I/O (non-blocking realized via ioctl rather than
* Using FreeBSD stack as the network stack
What WAS NOT tested:
* 'echoclient' and 'echoserver' examples were never used and thus not adjusted
for usage on eCos
* Hardware acceleration
* NTRU, Rabbit
* Certificate generation
* Using OpenBSD as the network stack
As there were quite some test programs, I decided to put the tests into a
separate eCos application, attached as "cyassl_ecos_examples.zip".
I mostly could utilize the provided POSIX function calls because of the POSIX
abstraction layer in eCos. The port most definitely will NOT work without this!
As to some numbers I've taken:
* static TLS library size for my use case (IPv6-support, TLS1.2 with ECC,
OCSP): ~120 kBytes without optimization, ~75 kBytes with -Os
* stack usage (mostly the same as client or server): ~15 kBytes during TLS
handshake using a 28 kBytes stack. ~3 kBytes during communication on an
established TLS connection
* Dynamic memory consumption peaks at ~32 kBytes
Compiler optimization -O2 also greatly speeds up processing.
IANAL, so I wasn't sure whether I can simply include the eCos license header to
all files or the CyaSSL license header has to stay. CyaSSL is licensed under
GPLv2 or alternatively under a commercial license. I also sent this port back
to WolfSSL for cleanup and integration.
As I'm about to finish my work here, I will NOT be able to get my hands on a
MPC5668 again anytime soon.