OpenSSL provides a toolkit which implements a well-reviewed,
cryptographically secure protocol called SSL (and now TLS).
For an OpenWRT router, the size of the default compile may be too
large to fit into RAM. You can build it without a lot of the optional
ciphers, if you know your environment and know your own security
requirements. (Remember: SSL is a tool, a building block. You cannot
solve a policy/decision problem using only tools -- you must actually
think about what's going on, and determine what's okay and what's
not.)
Technically, if you use WPA2, your data is already encrypted as it
passes through the air. I don't tend to rely on it too much, and I do
use TLS whenever I can.
So, the short answer is yes, OpenSSL will do what you need, and do it
well. It's got a lot of code and data bloat, though, so you might
have issues with its default configuration.
MatrixSSL may do what you need, but it's open-source crippleware that
only does SSLv3 in its default configuration (but, it is very small).
-Kyle H
2009/9/18 Fábio Ricci <fabio.ri...@gmail.com>:
> Hi all!
>
> I don't know nothing about cryptography using sockets.
>
> I need to do an application written in C that is a client/server that
> receives and responds commands.
> The data must be cryptographed as it will travell in a wireless network.
> I plan to do this client/server to be used inside an openwrt router.
> I only need advices about how/where I can get started.
>
>
> Is openssl suitable for this task?
> Are there other options?
>
>
> Thanks in advance!
>
>
> -
>
> In case anyone want to know, this is a task for graduation and this is the
> system overview:
>
> The client connects by cable on an AccessPoint that will pass the data for
> the other AP and will communicate with a board.
>
>
>
> cable +---------------+ ***encrypted data***
> +----------------------+ LAN port
> {client}<-------------->| Bridge AP | <- - - - - - - - - - - - - - - - ->
> | AccessPoint2 |-------------------->{ethernet-based controller board}
> +----------------+ wireless
> +---------------------+ LAN cable port
> embedded client/server
> embedded client/server
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
