Author Topic: SSL_RSA_CLIENT_SIZE 2048ul  (Read 2775 times)

mg7

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
SSL_RSA_CLIENT_SIZE 2048ul
« on: February 04, 2014, 09:06:55 AM »
Hi,
Do you see any chance to get SSL_RSA_CLIENT_SIZE 2048ul working on SBC66EC? I would like to access some google services, but since google upgraded all SSL certificates to 2048 bits, I am blocked...
Thank you.
mg7

modtro2

  • Administrator
  • Hero Member
  • *****
  • Posts: 564
    • View Profile
Re: SSL_RSA_CLIENT_SIZE 2048ul
« Reply #1 on: February 06, 2014, 03:23:28 PM »
Hi, the SBC66EC uses the Microchip TCP/IP stack. Have you checked if they support it? The Microchip TCP/IP stack documentation is available here in pdf format and here Windows Help File format (*.chm). I see in the documentation it says currently 128 bits for 16-Bit pic chips, and 256 bits for 32-bit PIC chips. See "SSL" section in "Stack API". The documentation says:
Quote
This SSL server implementation supports key lengths up to 1024 bits on most PIC microcontrollers, and 2048 bits on PIC32 microcontrollers. The SSL_RSA_KEY_SIZE macro in TCPIPConfig.h sets the server certificate key length.

The CPU on the SBC66EC has plenty of RAM, so setting SSL_RSA_KEY_SIZE to 2048 might work. Have you tried compiling the project with:
Code: [Select]
#define SSL_RSA_KEY_SIZE        (2048ul)

mg7

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
Re: SSL_RSA_CLIENT_SIZE 2048ul
« Reply #2 on: February 11, 2014, 09:39:25 AM »
got it: SSL_RSA_CLIENT_SIZE 2048ul is ok, but bigint_helper.s needed to be added to the project !

modtro2

  • Administrator
  • Hero Member
  • *****
  • Posts: 564
    • View Profile
Re: SSL_RSA_CLIENT_SIZE 2048ul
« Reply #3 on: February 11, 2014, 07:28:20 PM »
Hi, thanks for update. Let me know if you have tested and confirmed it works with SSL certificates to 2048 bits

mg7

  • Jr. Member
  • **
  • Posts: 6
    • View Profile
Re: SSL_RSA_CLIENT_SIZE 2048ul
« Reply #4 on: February 12, 2014, 02:49:40 AM »
I use only the ssl client and yes, it works. (rsa.c is also required)