Topic: ECC certificate buffers

Hi
I am very new to embedded security. I am working with stm32f4 and want to implement ECC (ECDHE_ECDSA with any AES cipher) based ciphersuite. Currently I am working without filesystem. Im using FreeRTOS. I am using 1024 size buffers
I want to run a server application in STM32F4.
Since I dont have file system, I want to use the buffer based functions
int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX*, const unsigned char*, long, int)
int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX*, const unsigned char*, long, int)
int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX*, const unsigned char*, long, int)

for loading certificates. I do not see any certificate buffers in cert_tests.h file that are specifically for ecc based cryptography. Is it meant to be like that? Am I just supposed to use any one of the buffers in the cert-tests.h file? There seem to be sets of buffers for rsa, dsa and dh only. If not, could you tell me how I can create such a buffer for ECC? OR if there is a similar file that contains the certificate buffers for ECC, where can I find it?

Thank you so much.

Share

Re: ECC certificate buffers

Hi,

We generate our certificate buffers in the certs_test.h file using the gencertbuf.pl script located in the CyaSSL package root directory.

You should be able to add ECC certificates to gencertbuf.pl in DER format like we have done for the RSA-based ones.  Once the script is run, it will place them into the certs_test.h header file.

If you have problems with that, feel free to let us know and we can help out.

Thanks,
Chris