4
\$\begingroup\$

Assume a situation in which you want do some encryption procedures in your ARM microcontroller. (Receive a file, encrypt with 3DES and some hash functions and returning it, for example.)

As far as I know we have two option here:

  1. Reinventing the wheel! i.e. writing some functions to do described cryptography algorithms.
  2. Adding already-written libraries in our project and using their methods simply.

Now I want to benefit from the second solution using OpenSSL libraries. But I'm not sure about it! Is it possible to add these libraries to the IAR IDE? Shall I recompile the OpenSSL source code before adding to my program?

I really appreciate a step-by-step solution.

Peter Mortensen
1,6973 gold badges17 silver badges23 bronze badges
asked Apr 21, 2015 at 10:03
\$\endgroup\$
1
  • 1
    \$\begingroup\$ "Encrypt with ... and some hashes" -- multiple hashes does not provide security and may in fact introduce weaknesses. If you only plan to do different hashes on different inputs there's no problem though. \$\endgroup\$ Commented Apr 21, 2015 at 10:38

1 Answer 1

8
\$\begingroup\$

Yes, you will need to recompile the library in IAR to be able to use it in your project. You can find step-by-step instructions in this answer.

I suggest to take a look at mbedTLS or Tiny SSL instead of OpenSSL, as your project will probably benefit from using a smaller library.

answered Apr 21, 2015 at 10:34
\$\endgroup\$
5
  • 4
    \$\begingroup\$ Agreed - OpenSSL is a huge legacy package which is hard to work with. Consider also nacl.cr.yp.to . If you just want 3DES (obsolete!) and SHA-2, you can get those seperately as reference implementations. Don't forget to use the correct CBC mode, IV, key scheduling and padding modes! \$\endgroup\$ Commented Apr 21, 2015 at 10:45
  • \$\begingroup\$ @pjc50 Can I use NACL in my ARM programs also? \$\endgroup\$ Commented Apr 21, 2015 at 10:53
  • \$\begingroup\$ As I want to do some Signature generation and verification I think the OpenSSL is the only option, right? \$\endgroup\$ Commented Apr 21, 2015 at 10:54
  • 1
    \$\begingroup\$ I believe you need SHA-2 for this. It is implemented in mbedTLS as well. \$\endgroup\$ Commented Apr 21, 2015 at 10:57
  • 1
    \$\begingroup\$ NaCl is targetted at ARM: hyperelliptic.org/tanja/vortraege/20121129.pdf and can do signatures, although only crypto_sign_edwards25519sha512batch and not PGP-compatible signatures. \$\endgroup\$ Commented Apr 21, 2015 at 11:01

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.