Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Tiny asymmetric cipher implementation to validate download

Tags:

c++

rsa

dsa

To allow a small C++ application to update itself at clients connected over the internet, I am in need of a mechanism that validates the download based on a public key. Algorithms such as DSA or RSA seem to be able to do this nicely.

However, looking at well-known available libraries for this (Crypto++, LibTomCrypt) they all end up making my binary > 500k larger, while it seems to me such logic can be implemented in a couple of k. Are there any libraries that implement RSA/DSA hash verification in a, say, <20k footprint?

like image 895
Emiel Mols Avatar asked Jul 21 '10 18:07

Emiel Mols


2 Answers

Since I found no libraries that fitted my specific need, I whipped up my own library for this: http://github.com/paiq/dsa_verify. The current implementation has a ~50k footprint of program memory, mainly due to the included bignum math lib, but future versions may be stripped even more.

like image 189
Emiel Mols Avatar answered Nov 09 '22 13:11

Emiel Mols


Do you really need ciphers ? Generally, to validate a download, you can use a hash function like MD5 or SHA. Maybe you can find a small library using these.

Either way, you can try the openssl library. However the .a on my machine is about 400K and 250K stripped.

like image 31
Scharron Avatar answered Nov 09 '22 12:11

Scharron