3

I'm looking for a C/C++ implementation of RSA with a 2048 bit key (preferably read from a file). My target is an embedded platform, so it comes with some odd restrictions. The hardware restricts us from using the new operator, and we have to use a special version of malloc supplied by the hardware manufacturer called "umalloc". If necessary, I can dig into the source and replace the malloc calls by hand, but I'd like to avoid that. The most ideal solution would be to find a library that can do RSA encryption but without using exceptions nor dynamic allocation.

I've been researching this for about a week now and I've come across several different libraries in the various stackexchange websites. See here and here. I wanted to reopen this question since most of the questions I found were several years old.

So far here are the following libraries I've come across

  • OpenSSL: Most popular option. Seeing as how I want to JUST do RSA encryption, the OpenSSL seems like overkill. Also, replacing malloc in the source seems like too much effort.
  • LibreSSL: OpenBSD version. If I didn't have any of the above restrictions, I would have gone with this one.
  • crypto++: C++ library, but uses exceptions. Cannot use.
  • axTLS: Seems very lightweight, and I'm investigating this library right now. I've been struggling to understand how to read a public key into its interface though.
  • libcrypto: I just discovered this library a few hours ago. Currently investigating.

Ideally, what I'm hoping for is to just drop in a few files and just use a handful of functions to get going. Are there any libraries beyond what I've listed that can do RSA-2048 encryption and do it without using exceptions or dynamic memory allocation? Thanks

Community
  • 1
HD_Mouse
  • 131
  • 4
  • My brain is a little burned out on this, but I've been looking at the crypto++ again. It may be easy to modify the library to remove the exceptions and simply replace them with error codes. But I'm still very much open to library suggestions that would minimize the integration work required. – HD_Mouse Jun 23 '15 at 00:45
  • 1
    Because the question is about available libraries for a particular language, this really should go to stackoverflow. – schroeder Jun 23 '15 at 02:43
  • @schroeder On SO this would probably be closed quickly because it's asking for off-site resources. I'm thinking [SoftwareRecs.SE]. – S.L. Barth Jun 23 '15 at 05:19
  • 1
    I'm voting to close this question as off-topic because it would be better suited for the Software Recommendations stackexchange. – Steve Dodier-Lazaro Jun 23 '15 at 09:54
  • OpenSSL allows you to substitute the malloc "group" (malloc,realloc,free) using `CRYPTO_set_mem_functions` see `crypto.h`, and it doesn't use C++ exceptions. But it is a quite hefty (many would say obese) full-featured package, and even with every config option off it may still be too big for embedded. – dave_thompson_085 Jun 23 '15 at 09:55
  • @dave_thompson_085 thanks for pointing out those functions. I'll have to investigate that further to see if that'll help, but I agree that OpenSSL seems like overkill for my project. – HD_Mouse Jun 23 '15 at 16:30
  • But yes, please close this question. I didn't realize that there was a 'software recommendations' stackexchange page where this would have been more appropriate. Thanks for the answers though! – HD_Mouse Jun 23 '15 at 16:30

0 Answers0