4

Assume a situation in which you want do some encryption procedures in your ARM microcontroller. (Receive a file, encrypt with 3DES and some hash functions and returning it, for example.)

As far as I know we have two option here:

  1. Reinventing the wheel! i.e. writing some functions to do described cryptography algorithms.
  2. Adding already-written libraries in our project and using their methods simply.

Now I want to benefit from the second solution using OpenSSL libraries. But I'm not sure about it! Is it possible to add these libraries to the IAR IDE? Shall I recompile the OpenSSL source code before adding to my program?

I really appreciate a step-by-step solution.

Peter Mortensen
  • 1,676
  • 3
  • 17
  • 23
User1-St
  • 143
  • 4
  • 1
    "Encrypt with ... and some hashes" -- multiple hashes does **not** provide security and may in fact introduce weaknesses. If you only plan to do different hashes on different inputs there's no problem though. –  Apr 21 '15 at 10:38

1 Answers1

8

Yes, you will need to recompile the library in IAR to be able to use it in your project. You can find step-by-step instructions in this answer.

I suggest to take a look at mbedTLS or Tiny SSL instead of OpenSSL, as your project will probably benefit from using a smaller library.

Community
  • 1
Dmitry Grigoryev
  • 25,576
  • 5
  • 45
  • 106
  • 4
    Agreed - OpenSSL is a huge legacy package which is hard to work with. Consider also http://nacl.cr.yp.to/ . If you *just* want 3DES (obsolete!) and SHA-2, you can get those seperately as reference implementations. Don't forget to use the correct CBC mode, IV, key scheduling and padding modes! – pjc50 Apr 21 '15 at 10:45
  • @pjc50 Can I use _NACL_ in my ARM programs also? – User1-St Apr 21 '15 at 10:53
  • As I want to do some Signature generation and verification I think the _OpenSSL_ is the only option, right? – User1-St Apr 21 '15 at 10:54
  • 1
    I believe you need SHA-2 for this. It is implemented in mbedTLS as well. – Dmitry Grigoryev Apr 21 '15 at 10:57
  • 1
    NaCl is targetted at ARM: http://www.hyperelliptic.org/tanja/vortraege/20121129.pdf and can do signatures, although only crypto_sign_edwards25519sha512batch and not PGP-compatible signatures. – pjc50 Apr 21 '15 at 11:01