Additions to cryptographic support

Releases, updates and announcements from the Ultibo team.
User avatar
Site Admin
Posts: 2291
Joined: Sat Dec 19, 2015 3:49 am
Location: Australia

Additions to cryptographic support

Postby Ultibo » Tue Apr 17, 2018 7:58 am

As part of ongoing work to expand functionality of Ultibo core a number of changes have been committed which extend the cryptographic support unit and provide additional services.

The following is a very brief list of the new additions, these are on top of the existing functionality that was already present in the Crypto unit.

  • SHA384 / SHA512 hash (with HMAC)
  • AES cipher Counter Mode (CTR)
  • AES cipher Galois/Counter Mode (GCM)
  • Big Integer Arithmetic
  • RSA Public/Private Key Encrypt/Decrypt
  • Base64 Encode/Decode
  • Abstract Syntax Notation One (ASN.1)
  • X.509 Public Key Certificates

Are these features complete and usable?

In general yes, the cipher and hash algorithms all pass a series of tests and are considered usable, the RSA public/private key support has received a limited amount of testing in the application of creating and verifying digital signatures. The other features such as ASN1 and X509 have only been completed and tested as far as needed to confirm the functionality of RSA, decoding public/private keys and certificates etc.

There is currently nothing within Ultibo core that uses any of these features.

What will they be used for?

All of these (plus a few other key algoritms) will eventually be used to support key functionality such as WiFi, SSL/TLS, SSH, IPv6 and many more.

Why not use existing C libraries to provide these?

In some cases the protocols in question are integrated into the core of Ultibo in such a way that using a library may not be desirable or even possible, in other cases the above implementation may provide the default behavior with optional behavior provided by the use of external libraries. The exact situation will depend on the requirements of each protocol as development continues.

Can I use these in my projects?

Yes, these will be a permanent part of Ultibo core and you can use them to perform cryptographic operations. Unfortunately there are no specific examples of their use at present, we suggest looking at the references in the header of each file as a starting point to understand their usage.

For details of how to apply the latest source to your Ultibo core installation and rebuild your run time library see the wiki page Building from Source or watch the Building the RTL video on YouTube. | Make something amazing
Posts: 1662
Joined: Sun Jun 05, 2016 12:38 pm
Location: Brisbane, Australia

Re: Additions to cryptographic support

Postby Gavinmc42 » Tue Apr 17, 2018 8:39 am

Well done:D

Good for making sure IoT things are secure?
Secure kernel upgrades/remote shell?

These are going to be the core for SSH etc?
Lots of reading, might take some time to get understanding :oops:

Nearly time for new version 3.0?
Posts: 41
Joined: Sat Feb 06, 2016 11:50 pm
Location: Slovenia

Re: Additions to cryptographic support

Postby markokrajnc » Fri May 18, 2018 2:55 am

Thank you very much!

When SSL will be ready, one can make small backup devices with Ultibo... :-)

Thank you!!!!!
Posts: 1662
Joined: Sun Jun 05, 2016 12:38 pm
Location: Brisbane, Australia

Re: Additions to cryptographic support

Postby Gavinmc42 » Wed Sep 11, 2019 12:39 am

One of the Pi forum guys posted about getting Wireguard working.
My ignorance was cured with a google

Would this be more suitable for Ultibo IoT stuff than ssh/ssl?
4000lines of code sounds simpler to me, but probably 100MB of dependencies?
I know just enough to setup a WiFi router after that crypto is black magic.

Return to “Ultibo”

Who is online

Users browsing this forum: No registered users and 1 guest