Topic: ECC certificate buffers

I am very new to embedded security. I am working with stm32f4 and want to implement ECC (ECDHE_ECDSA with any AES cipher) based ciphersuite. Currently I am working without filesystem. Im using FreeRTOS. I am using 1024 size buffers
I want to run a server application in STM32F4.
Since I dont have file system, I want to use the buffer based functions
int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX*, const unsigned char*, long, int)
int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX*, const unsigned char*, long, int)
int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX*, const unsigned char*, long, int)

for loading certificates. I do not see any certificate buffers in cert_tests.h file that are specifically for ecc based cryptography. Is it meant to be like that? Am I just supposed to use any one of the buffers in the cert-tests.h file? There seem to be sets of buffers for rsa, dsa and dh only. If not, could you tell me how I can create such a buffer for ECC? OR if there is a similar file that contains the certificate buffers for ECC, where can I find it?

Thank you so much.


Re: ECC certificate buffers


We generate our certificate buffers in the certs_test.h file using the script located in the CyaSSL package root directory.

You should be able to add ECC certificates to in DER format like we have done for the RSA-based ones.  Once the script is run, it will place them into the certs_test.h header file.

If you have problems with that, feel free to let us know and we can help out.