This is the mail archive of the ecos-discuss@sourceware.org mailing list for the eCos project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: On Porting OpenSSL v1.0.0c


Hi all, 

-----Original Message-----
From: John Dallaway [mailto:john@dallaway.org.uk] 
Sent: 14 December 2010 09:35
To: Retallack, Mark; 'Michael Bergandi'; Sergei Gavrikov
Cc: eCos Discussion
Subject: Re: On Porting OpenSSL v1.0.0c

Hi Mike, Mark, Sergei and all

Mark wrote:

> I have updated the original OpenSSL v0.9.6b to a later version (0.9.8o),
> which was released in June 2010. It has been on my todo list to get it
> cleaned up and generate a patch. If you are interested in that version,
> I can tar.gz the files and send them to you.

Mike wrote:

> The project I am working on will be using SSL to provide a secure web
> interface for device configuration. In addition, we want to leverage
> the encryption module on our processor (mx27) to get some hardware
> acceleration for our other encryption needs. The ENGINE interface, in
> particular, is the primary reason for our desire to go ahead and port
> the latest OpenSSL to eCos.

Sergei wrote:

> I would look at PolarSSL
> 1) http://polarssl.org/features

>
>
>It looks like there is certainly interest in an up-to-date free SSL
>implementation for eCos. Configurability, licensing and ease-of-update
>are key factors here. It would be interesting to compare the sizes of
>PolarSSL and OpenSSL when configured with the same feature set. OpenSSL
>licensing is certainly more flexible than the open source PolarSSL
>license for deployment in commercial embedded systems.
>
>Mark, was there much effort involved in updating Andrew Lunn's original
>port of OpenSSL v0.9.6b? The version numbering suggests no major changes.
>
>Does anyone have up-to-date information (with reference) on the
>restrictions for hosting this class of cryptographic source code on a
>publically-accessible server located in the United States?
>
><aside>
>Is there any interest in using SSL with the lwIP TCP/IP stack? Perhaps
>someone has already got this combination working?
></aside>
>
>John Dallaway
>eCos maintainer

-------------------------------------------------

We did look at using the version 1x stream of OpenSSL but found that the changes from the original port where complex, the Port of OpenSSL 0.9.8o was relatively simple. The code layout was mostly the same and it just slotted in (with a bit of extra plumbing). 

I have tar-gz'ed the code and just looking for a place to put it (it is quite large so don't want to attach to maillist email), in the mean time if anyone wants it just send me an email. 

I think someone else mentioned this already but there are 2 Security Advisorys out on 0.9.8o. 

Mark


--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]